Description
A vulnerability classified as problematic has been found in whaleal IceFrog 1.1.8. Affected is an unknown function of the component Aviator Template Engine. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231804.
Remediation
References
https://vuldb.com/?ctiid.231804
https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.md
https://vuldb.com/?id.231804
Related Vulnerabilities
CVE-2017-1000355 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2017-18239 Vulnerability in maven package com.jason-goodwin:authentikat-jwt_2.12
CVE-2023-32200 Vulnerability in maven package org.apache.jena:jena
CVE-2020-28282 Vulnerability in npm package getobject
CVE-2017-2609 Vulnerability in maven package org.jenkins-ci.main:jenkins-core