Vulnerabilities > Dozer Project > Dozer > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-29 CVE-2014-9515 Deserialization of Untrusted Data vulnerability in Dozer Project Dozer
Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.
network
low complexity
dozer-project CWE-502
critical
9.8