CVE Published: 21/09/2024 |
CVE Updated: 23/09/2024 |
CVE Year: 2024 Source: apache |
Vendor: Apache Software Foundation |
Product: Apache HertzBeat Status : PUBLISHED
CVE-2024-42323 Description
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubating): before 1.6.0.
Users are recommended to upgrade to version 1.6.0, which fixes the issue.