CVE-2021-40146 is a vulnerability in Apache Any23
Published on September 11, 2021
A Remote Code Execution (RCE) vulnerability exists in Apache Any23 YAMLExtractor.java
A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities.
Products Associated with CVE-2021-40146
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-40146 are published in Apache Any23:
Affected Versions
Apache Software Foundation Apache Any23:- Version Apache Any23 and below 2.5 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.