Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.4 views

Amazon Linux 2023 : xmlunit, xmlunit-assertj, xmlunit-core (ALAS2023-2025-1260)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1260 advisory. XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...

4CVSS8AI score0.00216EPSS
Exploits0References4
Amazon
Amazon
added 2025/11/10 12:0 a.m.8 views

Important: xmlunit

Issue Overview: XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled. CVE-2024-31573 Affected Packages: xmlunit Issue Correction: Run dnf update xmlunit...

4CVSS7.6AI score0.00216EPSS
Exploits0
NVD
NVD
added 2025/10/17 7:15 p.m.6 views

CVE-2024-31573

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...

4CVSS0.00216EPSS
Exploits0References3
CVE
CVE
added 2025/10/17 12:0 a.m.5934 views

CVE-2024-31573

CVE-2024-31573 affects XMLUnit for Java prior to 2.10.0. In default configurations, XSLT extension functions are enabled during an XSLT transformation, which may allow code execution via an untrusted stylesheet. The vulnerability is described across multiple connected documents (including Nessus ...

4CVSS7.8AI score0.00216EPSS
Exploits0References3
OSV
OSV
added 2025/08/08 11:16 a.m.4 views

OESA-2025-1968 xmlunit security update

Security Fixes: A vulnerability was found in xmlunit-core. It has been declared as problematic.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 2.10.0 eliminates this vulnerability.CVE-2024-31573...

4CVSS6.7AI score0.00216EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.22 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to XMLUnit for Java arbitrary code execution vulnerability [CVE-2024-31573]

Summary Potential XMLUnit for Java arbitrary code execution vulnerability CVE-2024-31573 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...

4CVSS8AI score0.00216EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to xmlunit-core-2.9.1.jar CVE-2024-31573

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to xmlunit-core-2.9.1.jar CVE-2024-31573. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-31573 DESCRIPTION: XMLUnit for Java could allow an attacker to execute...

4CVSS7.6AI score0.00216EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2024/05/01 4:40 p.m.5 views

org.xmlunit:xmlunit-legacy (>=2.0.0 <=2.0.0-alpha-04), org.xmlunit:xmlunit-matchers (>=2.0.0 <=2.0.0-alpha-04) potentially affected by CVE-2024-31573 via org.xmlunit:xmlunit-core (>=2.0.0-alpha-02 <=2.0.0)

org.xmlunit:xmlunit-core MAVEN version =2.0.0-alpha-02, =2.0.0, =2.0.0, =2.0.0-alpha-04 Source cves: CVE-2024-31573 Source advisory: OSV:GHSA-CHFM-68VV-PVW5...

4CVSS7.2AI score0.00216EPSS
Exploits0
Rows per page
Query Builder