Security News > 2024 > October > Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
2024-10-07 09:30
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute
News URL
https://thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html
Related news
- Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
- ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
- Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks (source)