Apache Xml-Rpc vulnerabilities

1 known vulnerability affecting apache/apache_xml-rpc.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1

Vulnerabilities

Page 1 of 1
CVE-2019-17570CRITICALCVSS 9.8vApache XML-RPC all versions2020-01-23
CVE-2019-17570 [CRITICAL] CWE-502 CVE-2019-17570: An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResul An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed.
cvelistv5nvd