CVE-2019-17556 is a vulnerability in Apache Olingo
Published on December 4, 2019

Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserialized. If an attacker can feed malicious metadata to the class, then it may result in running attacker's code in the worse case.

NVD

Products Associated with CVE-2019-17556

Want to know whenever a new CVE is published for Apache Olingo? stack.watch will email you.

Apache Olingo

Affected Versions

Apache Olingo Version 4.0.0 to 4.6.0 is affected by CVE-2019-17556

Exploit Probability

EPSS

0.78%

Percentile

73.40%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-17556 is a vulnerability in Apache OlingoPublished on December 4, 2019

Products Associated with CVE-2019-17556

Affected Versions

Exploit Probability

CVE-2019-17556 is a vulnerability in Apache Olingo
Published on December 4, 2019