← Back

Nippy

nippy

Vendor: Taoensso • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-24164
1Taoensso
1Nippy
Jun 17, 2026
Sep 11, 2020
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. Th...Show more
A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Serializable interface.Show less