Description
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.
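As an added defense-in-depth example (not code from Restlet or from this advisory), the filter below refuses request entities declared with the JavaBeans XML object media type before they can reach ObjectRepresentation and java.beans.XMLDecoder. It assumes the Restlet 2.x Filter API; upgrading past the affected versions remains the actual fix.

```java
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.Restlet;
import org.restlet.data.MediaType;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.routing.Filter;

/**
 * Rejects request bodies declared as "application/x-java-serialized-object+xml"
 * so the framework never hands them to XMLDecoder.
 * Added example (assumes Restlet 2.x); not part of Restlet itself.
 */
public class RejectXmlObjectFilter extends Filter {

    public RejectXmlObjectFilter(Context context, Restlet next) {
        super(context, next);
    }

    /** True when the declared media type is the XMLDecoder-backed variant. */
    static boolean isJavaObjectXml(MediaType type) {
        return type != null
                && MediaType.APPLICATION_JAVA_OBJECT_XML.getName()
                        .equalsIgnoreCase(type.getName());
    }

    @Override
    protected int beforeHandle(Request request, Response response) {
        Representation entity = request.getEntity();
        if (entity != null && isJavaObjectXml(entity.getMediaType())) {
            // Record the attempt and answer 415 instead of decoding the body.
            getLogger().warning("Rejected " + entity.getMediaType()
                    + " entity from " + request.getClientInfo().getAddress());
            response.setStatus(Status.CLIENT_ERROR_UNSUPPORTED_MEDIA_TYPE);
            return STOP;
        }
        return CONTINUE;
    }
}
```

Wrap the application's router with it, e.g. `return new RejectXmlObjectFilter(getContext(), router);` inside `createInboundRoot()`, so every inbound request passes the check first.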
Remediation
References
http://blog.diniscruz.com/2013/08/using-xmldecoder-to-execute-server-side.html
http://restlet.org/learn/2.1/changes
http://rhn.redhat.com/errata/RHSA-2013-1410.html
http://rhn.redhat.com/errata/RHSA-2013-1862.html
https://bugzilla.redhat.com/show_bug.cgi?id=995275
https://github.com/restlet/restlet-framework-java/issues/774