Lucene search
K

77 matches found

Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.9 views

PT-2023-6522

Name of the Vulnerable Software and Affected Versions WireMock versions prior to 2.35.1 WireMock versions prior to 3.0.3 Python WireMock versions prior to 2.6.1 WireMock Studio all versions Description The issue is related to the proxy mode of WireMock, which can be protected by network...

6.8CVSS6.8AI score0.00571EPSS
Exploits0References14
Veracode
Veracode
added 2018/04/02 7:22 a.m.14 views

Directory Traversal Through XML External Entity (XXE)

wiremock is vulnerable to directory traversal through XML External Entity XXE attacks. The application does not disable DTD during XPATH Evaluation, allowing a malicious user to traverse the directory...

5.3CVSS5.5AI score0.02658EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2018/04/02 6:58 a.m.17 views

Denial Of Service (DoS) Through XML External Entity (XXE) Injection

wiremock is vulnerable to Denial of Service DoS attacks. The application does not disable the downloading of DTDs during XML parsing, allowing a malicious user to inject external entities to consume resources...

9.1CVSS8.9AI score0.01984EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/03/29 7:29 a.m.4 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS5.6AI score0.02658EPSS
Exploits0References3
Prion
Prion
added 2018/03/29 7:29 a.m.17 views

Directory traversal

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5CVSS5.3AI score0.02658EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/03/29 7:29 a.m.19 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS5.3AI score0.02658EPSS
Exploits0References1
OSV
OSV
added 2018/03/29 7:29 a.m.11 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/29 7:29 a.m.4 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS5.7AI score0.01984EPSS
Exploits0References3
NVD
NVD
added 2018/03/29 7:29 a.m.17 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS9AI score0.01984EPSS
Exploits0References1
OSV
OSV
added 2018/03/29 7:29 a.m.12 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS7.1AI score0.01984EPSS
Exploits0References1
Prion
Prion
added 2018/03/29 7:29 a.m.18 views

Xxe

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

6.4CVSS8.9AI score0.01984EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/03/29 7:0 a.m.48 views

CVE-2018-9117

CVE-2018-9117 affects WireMock before 2.16.0, where a remote unauthenticated attacker can access local files outside the application directory by sending a specially crafted XML request, i.e., a Directory Traversal. Root cause described as an XML-based traversal vulnerability; several connected s...

5.3CVSS5.2AI score0.02658EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/29 7:0 a.m.16 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3AI score0.02658EPSS
Exploits0References1
CVE
CVE
added 2018/03/29 7:0 a.m.47 views

CVE-2018-9116

CVE-2018-9116 is an XXE vulnerability in WireMock prior to 2.16.0. A remote unauthenticated attacker can access local files and internal resources and may cause a Denial of Service by abusing XML External Entity processing. Affected product: WireMock (versions before 2.16.0). Root cause: XML pars...

9.1CVSS8.9AI score0.01984EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/29 7:0 a.m.19 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9AI score0.01984EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/29 12:0 a.m.6 views

WireMock Directory Traversal Vulnerability

WireMock is an open source HTTP-based API simulator . A security vulnerability exists in WireMock versions prior to 2.16.0. A remote attacker could exploit the vulnerability by sending specially crafted XML requests to access local files outside of the application directory...

5.3CVSS6.7AI score0.02658EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/29 12:0 a.m.4 views

WireMock XML External Entity Injection Vulnerability

WireMock is an open source HTTP-based API simulator . An XML external entity vulnerability exists in WireMock versions prior to 2.16.0. A remote attacker could exploit this vulnerability to access local files and internal resources and potentially cause a denial of service...

9.1CVSS6.6AI score0.01984EPSS
Exploits0References1
Rows per page
Query Builder