CVE-2021-40146

Summary

A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Any23Apache Any23 < 2.5affected

Weaknesses

  • Remote Code Execution (RCE)

ADP Enrichment

CVE Program Container

Additional References

References