156 matches found
Security Bulletin: IBM Cognos Command Center is vulnerable to a remote code execution vulnerability in Apache Commons Text (CVE-2022-42889)
Summary A remote code execution vulnerability in Apache Commons Text used by IBM Cognos Command Center was addressed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an insecure...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Oracle Business Intelligence Enterprise Edition (OAS) (Apr 2023 CPU)
The versions of Oracle Business Intelligence Enterprise Edition OBIEE OAS installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics componen...
Vulnerabilities fixed in Juniper JunOS
Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.9.59 security update
Red Hat OpenShift Container Platform release 4.9.59 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-POC A simple demo application that shows how to...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Security Bulletin: IBM Security Guardium is affected by the following vulnerabilities [CVE-2022-39166, CVE-2022-34917, CVE-2022-42889]
Summary IBM Security Guardium has addressed these vulnerabilities CVE-2022-39166, CVE-2022-34917, CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-39166 DESCRIPTION: IBM Security Guardium could allow a privileged user to obtain sensitive information inside of an HTTP response. CVSS Base score:...
Exploit for Code Injection in Apache Commons_Text
Text4Shell CVE-2022-42889 Docker Lab for CVE-2022-42889...
K24823443: Apache Commons Text vulnerability CVE-2022-42889
Security Advisory Description Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup tha...
SUSE CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
Security Bulletin: IBM Db2 Web Query for i is vulnerable to arbitrary code execution due to Apache Commons Text [CVE-2022-42889]
Summary Db2 Web Query is vulnerable to arbitrary code execution due to Apache Commons Text CVE-2022-42889. Apache Commons Text is used by IBM Db2 Web Query for i for string functionality. The fix includes Apache Commons Text 1.10.0. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache...
Security Bulletin: Vulnerability in Apache Commons Text affects IBM Process Mining . CVE-2022-42889
Summary There is a vulnerability in Apache Commons Text that could allow a remote attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-42889...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to remote code execution due to Apache Commons Text [CVE-2022-42889]
Summary IBM Sterling Partner Engagement Manager has addressed a Publicly disclosed vulnerability that are published by Apache Commons - Collections v3.2.1 CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary...
Oracle Primavera Gateway (Jan 2023 CPU)
The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Google Protobuf-Java. Supported versions...
Security Bulletin: IBM Spectrum Conductor is vulnerable to arbitrary code execution [CVE-2022-42889]
Summary Apache Commons Text is used by IBM Spectrum Conductor in Spark 3.0.1. This bulletin provides interim fixes which include Apache Commons Text 1.10.0 to fix arbitrary code execution in IBM Spectrum Conductor. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache...