CVE-2017-8045

State: PUBLISHED · Published: 2017-11-27 · Updated: 2024-08-05 · Assigner: dell

Description

In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.

CWE

(none)

Affected

n/a / Spring AMQP Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7 — v=Spring AMQP Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7 [affected]

CVSS

(none)

References

https://pivotal.io/security/cve-2017-8045 x_refsource_CONFIRM
http://www.securityfocus.com/bid/100936 vdb-entry, x_refsource_BID

Source

cvelistV5-main/cves/2017/8xxx/CVE-2017-8045.json