Ro.pippo:pippo-core
This hub aggregates every CVE we track for Ro.pippo:pippo-core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
3
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting Ro.pippo:pippo-core.
- CVE-2018-20059jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.9.8
- CVE-2018-18628An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the objec...9.8
- CVE-2018-18240Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict un...9.8
Product normalization is registry-driven with AI assist and human review. How it works