Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

N/A

Source -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
0Vulnerabilities found
CVE-2019-17570
Assigner-Apache Software Foundation
ShareView Details
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-64.97% / 98.40%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 00:00
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed.

Action-Not Available
Vendor-Canonical Ltd.The Apache Software FoundationRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxsoftware_collectionsfedoraenterprise_linuxxml-rpcApache XML-RPC
CWE ID-CWE-502
Deserialization of Untrusted Data