{"uuid": "a1ade1ba-f69e-4483-ab9e-9272b011f93d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-11779", "type": "seen", "source": "https://t.me/cibsecurity/5724", "content": "ATENTION\u203c New - CVE-2018-11779\n\nIn Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-26T09:11:26.000000Z"}