Description

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.

Remediation

References

http://blog.diniscruz.com/2013/08/using-xmldecoder-to-execute-server-side.html

http://restlet.org/learn/2.1/changes

http://rhn.redhat.com/errata/RHSA-2013-1410.html

https://github.com/restlet/restlet-framework-java/issues/774

https://bugzilla.redhat.com/show_bug.cgi?id=995275

http://rhn.redhat.com/errata/RHSA-2013-1862.html

Related Vulnerabilities

CVE-2021-39150 Vulnerability in maven package com.thoughtworks.xstream:xstream

CVE-2018-20834 Vulnerability in maven package org.webjars:tar

CVE-2013-4590 Vulnerability in maven package org.apache.tomcat:tomcat-catalina

CVE-2020-6422 Vulnerability in maven package org.webjars.npm:electron

CVE-2023-38509 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livetable-ui

Severity

Critical

Classification

CWE-16

Tags

Third Party Advisory Release Notes Vendor Advisory Patch Issue Tracking