CVE-2021-26558

CVE-2021-26558: Deserialization of Untrusted Data

Vendor Apache Software Foundation
Product Apache ShardingSphere-UI
Weakness CWE-502 · Unsafe deserialization
Published November 11, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI version 4.1.1 and later versions; Apache ShardingSphere-UI versions prior to 5.0.0.

Key dates

02Disclosure timeline

November 11, 2021 CVE published
August 3, 2024 Record updated