Lucene search
GitHub Advisory DatabaseGHSA-RHQJ-4PP8-VVGFHistoryMay 14, 2022 - 1:27 a.m.
Injection in Jolokia agent
2022-05-1401:27:09
CWE-74
GitHub Advisory Database
github.com
25
0.892 High
EPSS
Percentile
98.7%
A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.jolokia:jolokia-core | lt | 1.5.0 |
References
access.redhat.com/errata/RHSA-2018:2669
github.com/advisories/GHSA-rhqj-4pp8-vvgf
github.com/rhuss/jolokia/commit/1b360b8889f0ed51165a8d1ac55dd8e0aa2dfd4a
github.com/rhuss/jolokia/commit/fd7b93da30c61a45bac10d8b311f1b79a74910f5
github.com/rhuss/jolokia/releases/tag/v1.5.0
jolokia.org/#Security_fixes_with_1.5.0
nvd.nist.gov/vuln/detail/CVE-2018-1000130
Related
prion
prion
Design/Logic Flaw
2018-03-14 13:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-03-15 08:02:25
redhatcve
redhatcve
CVE-2018-1000130
2018-03-22 09:49:10
cvelist
cvelist
CVE-2018-1000130
2018-03-14 13:00:00
osv
osv
CVE-2018-1000130
2018-03-14 13:29:00
Injection in Jolokia agent
2022-05-14 01:27:09
cve
cve
CVE-2018-1000130
2018-03-14 13:29:00
nuclei
nuclei
Jolokia Agent - JNDI Code Injection
2021-06-22 12:32:30
seebug
seebug
Jolokia Vulnerabilities - RCE & XSS(CVE-2018-1000130,CVE-2018-1000129)
2018-04-19 00:00:00
redhat
redhat
(RHSA-2018:2669) Important: Fuse 7.1 security update
2018-09-11 07:52:48