Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data without constraining the parser to approved classes and methods.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: HITVAN
Published: 2023-05-24T21:30:37.243Z
Updated: 2023-05-24T21:30:37.243Z
Reserved: 2022-12-28T14:37:02.021Z
Link: CVE-2022-4815
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-24T22:15:09.000
Modified: 2023-06-01T15:45:06.507
Link: CVE-2022-4815
JSON object: View
Redhat Information
No data.
CWE