Description
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Remediation
References
https://github.com/glazedlists/glazedlists/issues/709
Related Vulnerabilities
CVE-2022-35915 Vulnerability in npm package @openzeppelin/contracts
CVE-2020-14061 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2021-21252 Vulnerability in maven package org.webjars.npm:jquery-validation
CVE-2020-8176 Vulnerability in npm package koa-shopify-auth
CVE-2022-30506 Vulnerability in maven package net.mingsoft:ms-mcms