CVE-2022-21445: Oracle ADF Faces Deserialization of Untrusted Data
Oracle ADF Faces Deserialization of Untrusted Data Vulnerability. Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution.
- CISA KEV-listed (remediation due 2024-10-09)
- EPSS 92.0% (99.7% percentile)