Vulnerabilities > Apache > Helix > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-26 | CVE-2023-38647 | Unspecified vulnerability in Apache Helix 0.9.10/0.9.9/1.2.0 An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. | 9.8 |