OSV:GHSA-WRX5-RP7M-MM49
Oct 06, 2022 - 6:52 p.m.

JXPath vulnerable to remote code execution when interpreting untrusted XPath expressions

2022-10-06 18:52:05
Google
osv.dev
jxpath
vulnerability
remote code execution
xpath
expressions
java classpath

Applications that use JXPath to interpret untrusted XPath expressions may be vulnerable to a remote code execution attack. All JXPathContext class functions that process an XPath string are vulnerable, except the compile() and compilePath() functions. An attacker can use the XPath expression to load any Java class from the classpath, resulting in code execution.
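One way to screen untrusted expressions before they reach any JXPathContext method, shown as an added example that is not part of the advisory or the JXPath project: a fail-closed allowlist that accepts only XPath 1.0 core functions and node tests. The class name `XPathAllowlist`, the 512-character limit and the sample inputs are assumptions, and the check assumes XPath 1.0 lexical rules.

```java
import java.util.List;
import java.util.Set;
public final class XPathAllowlist {
    // XPath 1.0 core functions and node tests. Any other name directly
    // followed by "(" is treated as an extension-function call and refused.
    private static final Set<String> ALLOWED = Set.of(
        "last", "position", "count", "id", "local-name", "namespace-uri", "name",
        "string", "concat", "starts-with", "contains", "substring-before",
        "substring-after", "substring", "string-length", "normalize-space",
        "translate", "boolean", "not", "true", "false", "lang", "number", "sum",
        "floor", "ceiling", "round", "text", "node", "comment", "processing-instruction");

    /** Fail-closed check: true only if every call-like token is allowlisted. */
    public static boolean isAllowed(String xpath) {
        if (xpath == null || xpath.length() > 512) return false; // assumed size limit
        StringBuilder name = new StringBuilder();
        boolean gap = false; // whitespace seen since the last name character
        for (int i = 0; i < xpath.length(); i++) {
            char c = xpath.charAt(i);
            boolean nameChar = c < 128 && (Character.isLetterOrDigit(c) || c == '.' || c == '-' || c == '_');
            if (nameChar) {
                if (gap) name.setLength(0);   // a new token starts after whitespace
                name.append(c);
                gap = false;
                continue;
            }
            if (Character.isWhitespace(c)) { gap = name.length() > 0; continue; }
            if (c == '(' && name.length() > 0 && !ALLOWED.contains(name.toString())) return false;
            if (c == '\'' || c == '"') {      // string literal: XPath 1.0 has no escapes
                i = xpath.indexOf(c, i + 1);
                if (i < 0) return false;      // unterminated literal
            } else if (c == ':') {            // "::" is an axis separator
                if (i + 1 >= xpath.length() || xpath.charAt(i + 1) != ':') return false; // prefixed name
                i++;
            } else if (c >= 128) {
                return false;                 // non-ASCII outside a literal
            }
            name.setLength(0);
            gap = false;
        }
        return true;
    }
    public static void main(String[] args) {
        // Constructed inputs; com.example.Helper is a placeholder, not a real class.
        for (String x : List.of("//book[position() = 1]/title",
                "//book[contains(title, 'a(b')]", "com.example.Helper.run()", "ext:fn(1)"))
            System.out.println(isAllowed(x) + "  " + x);
    }
}
```

The filter deliberately refuses more than it must: namespace-prefixed names and a parenthesised group that follows an operator name or a minus sign are rejected along with unknown functions.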