Headline
GHSA-j7jm-8gf5-frcm: nGrinder vulnerable to unsafe Java objects deserialization
nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.
nGrinder vulnerable to unsafe Java objects deserialization
High severity GitHub Reviewed Published Mar 7, 2024 to the GitHub Advisory Database • Updated Mar 7, 2024