Lucene search
K

156 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/04 8:25 p.m.43 views

Security Bulletin: IBM Cognos Command Center is vulnerable to a remote code execution vulnerability in Apache Commons Text (CVE-2022-42889)

Summary A remote code execution vulnerability in Apache Commons Text used by IBM Cognos Command Center was addressed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an insecure...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/04 3:59 p.m.8 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.7 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.39 views

Oracle Business Intelligence Enterprise Edition (OAS) (Apr 2023 CPU)

The versions of Oracle Business Intelligence Enterprise Edition OBIEE OAS installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics componen...

9.8CVSS6.8AI score0.99931EPSS
Exploits50References17
NCSC
NCSC
added 2023/04/13 12:0 a.m.13 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...

9.8CVSS8.2AI score0.99931EPSS
Exploits41
RedHat Linux
RedHat Linux
added 2023/04/12 12:2 p.m.7 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
RedHat Linux
RedHat Linux
added 2023/04/05 11:30 p.m.3 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
RedHat Linux
RedHat Linux
added 2023/04/05 11:30 p.m.57 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.9.59 security update

Red Hat OpenShift Container Platform release 4.9.59 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...

9.8CVSS7AI score0.99931EPSS
Exploits41References4
GithubExploit
GithubExploit
added 2023/04/04 8:8 p.m.432 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889-POC A simple demo application that shows how to...

9.8CVSS8.1AI score0.99931EPSS
Exploits41
RedHat Linux
RedHat Linux
added 2023/03/08 2:54 p.m.6 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/07 4:39 p.m.52 views

Security Bulletin: IBM Security Guardium is affected by the following vulnerabilities [CVE-2022-39166, CVE-2022-34917, CVE-2022-42889]

Summary IBM Security Guardium has addressed these vulnerabilities CVE-2022-39166, CVE-2022-34917, CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-39166 DESCRIPTION: IBM Security Guardium could allow a privileged user to obtain sensitive information inside of an HTTP response. CVSS Base score:...

9.8CVSS9.2AI score0.99931EPSS
Exploits41Affected Software1
GithubExploit
GithubExploit
added 2023/02/28 12:32 a.m.359 views

Exploit for Code Injection in Apache Commons_Text

Text4Shell CVE-2022-42889 Docker Lab for CVE-2022-42889...

9.8CVSS8AI score0.99931EPSS
Exploits41
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.744 views

K24823443: Apache Commons Text vulnerability CVE-2022-42889

Security Advisory Description Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup tha...

9.8CVSS8.5AI score0.99931EPSS
Exploits41
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.8 views

SUSE CVE-2022-42889

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...

9.8CVSS8.3AI score0.99931EPSS
Exploits41References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/13 6:25 p.m.118 views

Security Bulletin: IBM Db2 Web Query for i is vulnerable to arbitrary code execution due to Apache Commons Text [CVE-2022-42889]

Summary Db2 Web Query is vulnerable to arbitrary code execution due to Apache Commons Text CVE-2022-42889. Apache Commons Text is used by IBM Db2 Web Query for i for string functionality. The fix includes Apache Commons Text 1.10.0. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/09 10:6 a.m.45 views

Security Bulletin: Vulnerability in Apache Commons Text affects IBM Process Mining . CVE-2022-42889

Summary There is a vulnerability in Apache Commons Text that could allow a remote attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-42889...

9.8CVSS9.8AI score0.99931EPSS
Exploits41Affected Software1
RedHat Linux
RedHat Linux
added 2023/01/26 9:42 a.m.9 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits41References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/24 7:54 a.m.135 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to remote code execution due to Apache Commons Text [CVE-2022-42889]

Summary IBM Sterling Partner Engagement Manager has addressed a Publicly disclosed vulnerability that are published by Apache Commons - Collections v3.2.1 CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/20 12:0 a.m.56 views

Oracle Primavera Gateway (Jan 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Google Protobuf-Java. Supported versions...

9.8CVSS7.3AI score0.99931EPSS
Exploits44References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/19 11:52 a.m.72 views

Security Bulletin: IBM Spectrum Conductor is vulnerable to arbitrary code execution [CVE-2022-42889]

Summary Apache Commons Text is used by IBM Spectrum Conductor in Spark 3.0.1. This bulletin provides interim fixes which include Apache Commons Text 1.10.0 to fix arbitrary code execution in IBM Spectrum Conductor. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache...

9.8CVSS9.8AI score0.99931EPSS
Exploits41Affected Software1
Rows per page
Query Builder