Security News > 2024 > October > Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
2024-10-07 09:30
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute
News URL
https://thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html
Related news
- Apache fixes critical OFBiz remote code execution vulnerability (source)
- Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution (source)
- That doomsday critical Linux bug: It's CUPS. Could lead to remote hijacking of devices (source)
- That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices (source)
- CUPS flaws enable Linux remote code execution, but there’s a catch (source)