Search criteria
4 vulnerabilities found for spider-flow by ssssssss
CVE-2024-0195 (GCVE-0-2024-0195)
Vulnerability from nvd – Published: 2024-01-02 21:00 – Updated: 2025-06-17 20:29
VLAI?
Title
spider-flow FunctionController.java FunctionService.saveFunction code injection
Summary
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-94 - Code Injection
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.249510 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.249510 | signaturepermissions-required |
| https://github.com/laoquanshi/puppy/blob/main/spi… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | spider-flow |
Affected:
0.4.3
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.249510"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.249510"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T20:22:57.428593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:29:06.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "spider-flow",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "0.4.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "puppy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in spider-flow 0.4.3 gefunden. Sie wurde als kritisch eingestuft. Es betrifft die Funktion FunctionService.saveFunction der Datei src/main/java/org/spiderflow/controller/FunctionController.java. Durch Manipulieren mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T19:05:08.567Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.249510"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.249510"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-01-02T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2024-01-02T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-22T18:49:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "spider-flow FunctionController.java FunctionService.saveFunction code injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-0195",
"datePublished": "2024-01-02T21:00:05.440Z",
"dateReserved": "2024-01-02T11:11:09.341Z",
"dateUpdated": "2025-06-17T20:29:06.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5016 (GCVE-0-2023-5016)
Vulnerability from nvd – Published: 2023-09-17 02:00 – Updated: 2024-08-02 07:44
VLAI?
Title
spider-flow API DataSourceController.java DriverManager.getConnection deserialization
Summary
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239857 was assigned to this vulnerability.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-502 - Deserialization
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.239857 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.239857 | signaturepermissions-required |
| https://github.com/bayuncao/vul-cve | broken-link |
| https://github.com/bayuncao/vul-cve/blob/main/spi… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | spider-flow |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:44:53.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.239857"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.239857"
},
{
"tags": [
"broken-link",
"x_transferred"
],
"url": "https://github.com/bayuncao/vul-cve"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/bayuncao/vul-cve/blob/main/spider-flow%20fastjson%20jdbc%20deserialization"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"API"
],
"product": "spider-flow",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "bayuncao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239857 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "In spider-flow bis 0.5.0 wurde eine kritische Schwachstelle ausgemacht. Betroffen ist die Funktion DriverManager.getConnection der Datei src/main/java/org/spiderflow/controller/DataSourceController.java der Komponente API. Mit der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T08:02:34.960Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.239857"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.239857"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/bayuncao/vul-cve"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/bayuncao/vul-cve/blob/main/spider-flow%20fastjson%20jdbc%20deserialization"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-16T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-16T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-12T14:07:37.000Z",
"value": "VulDB entry last update"
}
],
"title": "spider-flow API DataSourceController.java DriverManager.getConnection deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5016",
"datePublished": "2023-09-17T02:00:06.688Z",
"dateReserved": "2023-09-16T06:43:13.210Z",
"dateUpdated": "2024-08-02T07:44:53.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0195 (GCVE-0-2024-0195)
Vulnerability from cvelistv5 – Published: 2024-01-02 21:00 – Updated: 2025-06-17 20:29
VLAI?
Title
spider-flow FunctionController.java FunctionService.saveFunction code injection
Summary
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-94 - Code Injection
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.249510 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.249510 | signaturepermissions-required |
| https://github.com/laoquanshi/puppy/blob/main/spi… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | spider-flow |
Affected:
0.4.3
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.249510"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.249510"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T20:22:57.428593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:29:06.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "spider-flow",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "0.4.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "puppy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in spider-flow 0.4.3 gefunden. Sie wurde als kritisch eingestuft. Es betrifft die Funktion FunctionService.saveFunction der Datei src/main/java/org/spiderflow/controller/FunctionController.java. Durch Manipulieren mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T19:05:08.567Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.249510"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.249510"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-01-02T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2024-01-02T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-22T18:49:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "spider-flow FunctionController.java FunctionService.saveFunction code injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-0195",
"datePublished": "2024-01-02T21:00:05.440Z",
"dateReserved": "2024-01-02T11:11:09.341Z",
"dateUpdated": "2025-06-17T20:29:06.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5016 (GCVE-0-2023-5016)
Vulnerability from cvelistv5 – Published: 2023-09-17 02:00 – Updated: 2024-08-02 07:44
VLAI?
Title
spider-flow API DataSourceController.java DriverManager.getConnection deserialization
Summary
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239857 was assigned to this vulnerability.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-502 - Deserialization
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.239857 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.239857 | signaturepermissions-required |
| https://github.com/bayuncao/vul-cve | broken-link |
| https://github.com/bayuncao/vul-cve/blob/main/spi… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | spider-flow |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:44:53.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.239857"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.239857"
},
{
"tags": [
"broken-link",
"x_transferred"
],
"url": "https://github.com/bayuncao/vul-cve"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/bayuncao/vul-cve/blob/main/spider-flow%20fastjson%20jdbc%20deserialization"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"API"
],
"product": "spider-flow",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "bayuncao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239857 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "In spider-flow bis 0.5.0 wurde eine kritische Schwachstelle ausgemacht. Betroffen ist die Funktion DriverManager.getConnection der Datei src/main/java/org/spiderflow/controller/DataSourceController.java der Komponente API. Mit der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T08:02:34.960Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.239857"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.239857"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/bayuncao/vul-cve"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/bayuncao/vul-cve/blob/main/spider-flow%20fastjson%20jdbc%20deserialization"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-16T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-16T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-12T14:07:37.000Z",
"value": "VulDB entry last update"
}
],
"title": "spider-flow API DataSourceController.java DriverManager.getConnection deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5016",
"datePublished": "2023-09-17T02:00:06.688Z",
"dateReserved": "2023-09-16T06:43:13.210Z",
"dateUpdated": "2024-08-02T07:44:53.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}