CVE-2023-39106

Published August 21st, 2023

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor() component.

nacos-group/nacos-spring-project

Nacos ECO Project for Spring Framework

GitHub

765