Vulnerabilities > Antfin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-46983 | Unspecified vulnerability in Antfin Sofa-Hessian sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. | 9.8 |
| 2019-02-27 | CVE-2019-9212 | Deserialization of Untrusted Data vulnerability in Antfin Sofa-Hessian SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. | 9.8 |