CVE-2022-29615 - AskarLabs CVE Database

CVE-2022-29615

Vendor Sap Se

Product SAP NetWeaver Developer Studio (NWDS)

Weakness CWE-502 · Unsafe deserialization

Published June 14, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x.

Key dates

02Disclosure timeline

June 14, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-29615 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

04Related CVE

CVE-2026-24009 Docling Core vulnerable to Remote Code Execution via unsafe PyYAML usage CVE-2025-25034 SugarCRM PHP Deserialization RCE CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector) CVE-2023-6730 Deserialization of Untrusted Data in huggingface/transformers CVE-2024-29032 `qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code