44 matches found
MiracleLinux 9 : pki-core-11.0.6-2.el9.ML.1 (AXSA:2023-5106:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5106:02 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : pki-core:10.6 (AXSA:2022-4440:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4440:01 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : pki-core-10.5.18-24.el7 (AXSA:2022-4313:05)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4313:05 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...
TencentOS Server 2: pki-core (TSSA-2022:0289)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0289 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2022-2414
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to potentially retrieve t...
U.S. Dept Of Defense: XML E██████ternal Entity (XXE) Injection in ███
The vulnerability described in CVE-2022-2414 was an XML External Entity XXE injection flaw. XXE vulnerabilities occur when an application improperly processes XML input containing references to external entities. This allowed access to arbitrary files on the server...
VulnCheck KEV: CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests...
Rocky Linux 9 : pki-core (RLSA-2022:7326)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7326 advisory. - Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to potentially retrieve...
Exploit for Improper Restriction of XML External Entity Reference in Dogtagpki
CVE-2022-2414 CVE-2022-24...
Exploit for Improper Restriction of XML External Entity Reference in Dogtagpki
CVE-2022-2414 CVE-2022-24...
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2023-2197)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : pki-core (EulerOS-SA-2023-2164)
According to the versions of the pki-core packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to...
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2023-2164)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : pki-core (EulerOS-SA-2023-2197)
According to the versions of the pki-core package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to...
Important: Red Hat Security Advisory: pki-core:10.6 security update
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Important: Red Hat Security Advisory: pki-core:10.6 security update
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
RHEL 8 : pki-core:10.6 (RHSA-2023:1966)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1966 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core: access to...
RHEL 8 : pki-core:10.6 (RHSA-2023:1747)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1747 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core: access to...
Important: Red Hat Security Advisory: pki-core:10.6 security update
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
CentOS: Security Advisory for pki-base (CESA-2022:8799)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...