- Description
- Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue.
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- security@apache.org
- CWE-502
- Hype score
- Not currently trending
Critical #vulnerability in Apache Avro Java SDK – CVE-2024-47561. Wakey wakey, #cybersecurity mates, it’s time to upgrade your software – unless you’re up for handing your system's keys to the bogeyman? #InfoSec #Hacking #PatchUp https://t.co/KPxtBAPufy
@LimitedViewX
7 Dec 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-47561
@transilienceai
20 Oct 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-47561
@transilienceai
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-47561
@transilienceai
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes