Pac4j Security Update Advisory (CVE-2023-25581)

Oct 15 2024

Overview

An update has been released to address vulnerabilities in Pac4j. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2023-25581

pac4j-core versions: ~ 4.0.0 (excluded)

Resolved Vulnerabilities

Java deserialization vulnerability could allow remote code execution (RCE) (CVE-2023-25581)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2023-25581

pac4j-core version: 4.0.0

References

[1] CVE-2023-25581 Detail

https://nvd.nist.gov/vuln/detail/CVE-2023-25581

[2] pac4j-core affected by a Java deserialization vulnerability

https://github.com/advisories/GHSA-76mw-6p95-x9x5

Pac4j Security Update Advisory (CVE-2023-25581)

SonicWall Family October 2024 1st Security Update Advisory

Telerik Report Server Security Update Advisory (CVE-2024-8015)

Tags:

SonicWall Family October 2024 1st Security Update Advisory

Telerik Report Server Security Update Advisory (CVE-2024-8015)