Apache Cayenne vulnerabilities
2 known vulnerabilities affecting apache/cayenne.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2022-24289P2HIGHCVSS 8.8fixed in 4.22022-02-11
CVE-2022-24289 [HIGH] CWE-502 CVE-2022-24289: Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne'
Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an
nvd
CVE-2018-11758P3HIGHCVSS 8.1≤ 3.1.0v3.1.1+4 more2018-08-22
CVE-2018-11758 [HIGH] CWE-611 CVE-2018-11758: This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instru
nvd