PT-2024-6048 · Clojure +1

Published 2024-01-22 · Updated 2024-09-04 · CVE-2017-20189

CVSS v2.0 10 Critical
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Clojure versions prior to 1.9.0
Description The Clojure runtime (the clojure.jar library, which runs on the JVM) in versions before 1.9.0 contains classes that can be used to construct a serialized Java object which executes arbitrary code when it is read with java.io.ObjectInputStream. A remote attacker who can deliver serialized data to a server that deserializes untrusted input therefore gains arbitrary code execution in the server process. The attacker-supplied stream only needs the Clojure classes to be loadable by the deserializing application, so Java services that merely bundle clojure.jar on their classpath are exposed as well, not only applications written in Clojure.
Recommendations Update to Clojure 1.9.0 or later. Where updating is not immediately possible, do not deserialize data from untrusted sources with java.io.ObjectInputStream at all; if Java serialization cannot be removed, restrict it with an ObjectInputFilter (JEP 290; available in JDK 9 and later and backported to 8u121) that allows only the classes the application expects and rejects everything else, and prefer a data format such as EDN (read with clojure.edn) or JSON for untrusted input. Note that the update removes this particular gadget class but does not make deserialization of untrusted data safe in general: any other gadget chain present on the classpath remains usable.
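The workaround described above, written out as an added example (this is not code from the advisory or from the Clojure project): a Clojure namespace that deserializes only an explicit allowlist of classes by installing a java.io.ObjectInputFilter on the ObjectInputStream. It assumes JDK 9 or later; the namespace, function names, limits and the allowlist contents are this example's own choices.

```clojure
(ns example.safe-deser
  "Added example: allowlist-based Java deserialization for a JVM service
   that must still read serialized objects. Not code from the Clojure project."
  (:import [java.io ByteArrayInputStream ByteArrayOutputStream
            ObjectInputFilter ObjectInputFilter$Status
            ObjectInputStream ObjectOutputStream]))

(defn serialize
  "Plain Java serialization, used here only to build sample payloads."
  ^bytes [obj]
  (let [bos (ByteArrayOutputStream.)]
    (with-open [oos (ObjectOutputStream. bos)]
      (.writeObject oos obj))
    (.toByteArray bos)))

(defn- element-type
  "For an array class, its innermost component class; otherwise the class itself."
  ^Class [^Class c]
  (if (.isArray c) (recur (.getComponentType c)) c))

(defn allowlist-filter
  "Builds a java.io.ObjectInputFilter (JDK 9+) that permits only classes whose
   fully qualified names are in `allowed` and rejects everything else, so an
   unexpected class is refused before any instance is created and before any
   of its deserialization hooks run. Depth, back-reference and array-length
   caps additionally limit resource-exhaustion payloads."
  [allowed max-depth max-refs max-array]
  (reify ObjectInputFilter
    (checkInput [_ info]
      (let [cls (.serialClass info)]
        (cond
          (or (> (.depth info) max-depth)
              (> (.references info) max-refs)
              (> (.arrayLength info) max-array))
          ObjectInputFilter$Status/REJECTED

          ;; The stream also reports depth/size checkpoints with no class attached.
          (nil? cls)
          ObjectInputFilter$Status/UNDECIDED

          (contains? allowed (.getName (element-type cls)))
          ObjectInputFilter$Status/ALLOWED

          :else
          ObjectInputFilter$Status/REJECTED)))))

(defn safe-read-object
  "Deserialize `payload`, accepting only the classes named in `allowed`.
   Anything else raises java.io.InvalidClassException (filter status: REJECTED)."
  [^bytes payload allowed]
  (with-open [ois (ObjectInputStream. (ByteArrayInputStream. payload))]
    (.setObjectInputFilter ois (allowlist-filter allowed 10 200 10000))
    (.readObject ois)))

;; Superclass descriptors in the stream are presented to the filter as well,
;; so java.lang.Long needs java.lang.Number next to it. java.util.HashMap is
;; deliberately absent: collections are the usual carrier for gadget objects.
(def allowed-classes #{"java.lang.String" "java.lang.Long" "java.lang.Number"})

(defn -main [& _]
  ;; Constructed sample payloads: two that the allowlist admits, one it refuses.
  (doseq [payload [(serialize "hello")
                   (serialize 42)
                   (serialize (java.util.HashMap.))]]
    (try
      (println "accepted:" (pr-str (safe-read-object payload allowed-classes)))
      (catch java.io.InvalidClassException e
        (println "rejected:" (.getMessage e))))))
```

Load the namespace in a REPL and call (-main) to see the two accepted values and the rejected HashMap. The filter only protects ObjectInputStreams that install it; where every stream cannot be found, the jdk.serialFilter system property sets a process-wide default filter with the same pattern semantics. Either way this is a mitigation layered under the 1.9.0 update, not a substitute for it.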

Weakness Enumeration

CWE-502: Deserialization of Untrusted Data

Related Identifiers

BDU:2024-06870
CVE-2017-20189
GHSA-JGXC-8MWQ-9XQW

Affected Products

Clojure
RED OS