Description
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Remediation
References
https://github.com/glazedlists/glazedlists/issues/709
Related Vulnerabilities
CVE-2018-19839 Vulnerability in npm package node-sass
CVE-2020-7760 Vulnerability in maven package org.webjars.bowergithub.components:codemirror
CVE-2022-1295 Vulnerability in maven package org.webjars.bower:fullpage
CVE-2022-0841 Vulnerability in npm package npm-lockfile
CVE-2023-34464 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates