CVE-2023-7148 | ShifuML shifu 0.12.0 Java Expression Language DataPurifier.java FilterExpression code injection

Çağlar Arlı - 97 Views

CVE-2023-7148 | ShifuML shifu 0.12.0 Java Expression Language DataPurifier.java FilterExpression code injection

A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The manipulation of the argument FilterExpression leads to code injection. This vulnerability is known as CVE-2023-7148. The attack can be launched remotely. Furthermore, there is an exploit available.

P	S	Ç	P	C	C	P
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Annanowa

CVE-2023-7148 | ShifuML shifu 0.12.0 Java Expression Language DataPurifier.java FilterExpression code injection

CVE-2023-7148 | ShifuML shifu 0.12.0 Java Expression Language DataPurifier.java FilterExpression code injection

Son Yazılar

Son Yorumlar