← Back to CVE List

CVE-2025-31129

Published: 2025-03-31T19:15Z
Last Modified: 2025-04-01T20:26Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Jooby is a web framework for Java and Kotlin. The pac4j io.jooby.internal.pac4j.SessionStoreImpl#get module deserializes untrusted data. This vulnerability is fixed in 2.17.0 (2.x) and 3.7.0 (3.x). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt