Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-26336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files...

5.5CVSS6.8AI score0.0152EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/07 1:51 p.m.74 views

Security Bulletin: Apache POI is vulnerable to a denial of service, caused by an out of memory exception flaw in the HMEF package(CVE-2022-26336)

Summary Apache POI is vulnerable to a denial of service, caused by an out of memory exception flaw in the HMEF package. By persuading a victim to open a specially-crafted TNEF file, a remote attacker could exploit this vulnerability to cause the server to crashCVE-2022-26336 Vulnerability Details...

5.5CVSS5.5AI score0.0152EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.171 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update

A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

10CVSS7.1AI score0.77735EPSS
Exploits48References61
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/04 7:16 p.m.32 views

Security Bulletin: A security vulnerability has been identified in Apache poi-scratchpad shipped with IBM Tivoli Netcool Impact (CVE-2022-26336)

Summary Apache poi-scratchpad is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Apache poi-scratchpad has been published in a security bulletin. Vulnerability Details CVEID: CVE-2022-26336 DESCRIPTION: Apache POI is vulnerable to a denial of service,...

5.5CVSS1.3AI score0.0152EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 2:54 p.m.31 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache POI

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache POI. Vulnerability Details CVEID: CVE-2022-26336 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an out of memory exception flaw in the HMEF package. By persuading a victim to...

5.5CVSS1.3AI score0.0152EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/03/05 12:0 a.m.8 views

ai.stainless:grails-tika (=0.1.0), be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1) +637 more potentially affected by CVE-2022-26336 via org.apache.poi:poi-scratchpad (>=3.8-beta1 <=5.2.0)

org.apache.poi:poi-scratchpad MAVEN version =3.8-beta1, =1.2.0, =1.3, =1.0.7, =1.0.7, =1.0.1, =0.0.4, =1.0.0, =1.0.0, =1.0.3 - cn.com.jeeweb:jeeweb-jwt =1.0.0 - cn.com.jeeweb:jeeweb-minio =1.0.0 and more Source cves: CVE-2022-26336 Source advisory: OSV:GHSA-MQVP-7RRG-9JXC...

5.5CVSS6.6AI score0.0152EPSS
Exploits0
OSV
OSV
added 2022/03/04 12:0 a.m.31 views

CVE-2022-26336 A carefully crafted TNEF file can cause an out of memory exception

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

5.5CVSS6.8AI score0.0152EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/03/04 12:0 a.m.28 views

CVE-2022-26336 A carefully crafted TNEF file can cause an out of memory exception

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

5.8AI score0.0152EPSS
Exploits0References2
CVE
CVE
added 2022/03/04 12:0 a.m.217 views

CVE-2022-26336

CVE-2022-26336 affects the poi-scratchpad HMEF package in Apache POI used to read TNEF files. The issue can trigger an Out of Memory exception when parsing untrusted TNEF inputs, impacting poi-scratchpad versions up to 5.2.0. The publicly recommended remediation is to upgrade to poi-scratchpad 5....

5.5CVSS5.4AI score0.0152EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder