Lucene search
K

156 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 3:43 p.m.44 views

Security Bulletin: Apache Commons Text as used by IBM QRadar SIEM is vulnerable to code execution [CVE-2022-42889]

Summary Apache Commons Text as used by IBM QRadar SIEM is vulnerable to arbitrary code execution. IBM has addressed the relevant CVE. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system,...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 3:22 p.m.51 views

Security Bulletin: Apache Commons Text as used by IBM Cloud Pak for Security is vulnerable to code execution [CVE-2022-42889]

Summary Apache Commons Text as used by IBM Cloud Pak for Security is vulnerable to arbitrary code execution. IBM has addressed the relevant CVE. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on th...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 7:56 a.m.229 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to remote code execution due to Apache Commons Text (CVE-2022-42889)

Summary There is a vulnerability in Apache Commons Text used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2022-42889. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could...

9.8CVSS9.7AI score0.99931EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 7:55 a.m.188 views

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to remote code execution due to Apache Commons Text (CVE-2022-42889)

Summary There is a vulnerability in Apache Commons Text used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE CVE-2022-42889. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker...

9.8CVSS9.8AI score0.99931EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 5:48 a.m.46 views

Security Bulletin: Vulnerability in Apache Commons Text used by Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2022-42889)

Summary There is a potential vulnerability in Apache Commons Text that could allow remote attacker to execute arbitrary code. This has been fixed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system,...

9.8CVSS9.9AI score0.99931EPSS
Exploits41Affected Software1
Atlassian
Atlassian
added 2022/11/17 4:5 p.m.65 views

Upgrade Apache Commons-text for CVE-2022-42889

h3. DISCLAIMER panel:bgColor=e3fcef ! Crowd IS NOT VULNERABLE to CVE-2022-42889|https://vulners.com/cve/CVE-2022-42889. This bug was created to track the change required to upgrade the Apache Commons Text library and can be used by customers to follow its progress and get notified on the next...

9.8CVSS9.1AI score0.99931EPSS
Exploits41
Atlassian
Atlassian
added 2022/11/10 5:3 p.m.85 views

Upgrade Apache Commons-text for CVE-2022-42889

h3. DISCLAIMER panel:bgColor=e3fcef ! Confluence IS NOT VULNERABLE to CVE-2022-42889|https://vulners.com/cve/CVE-2022-42889. This bug was created to track the change required to upgrade the Apache Commons Text library and can be used by customers to follow its progress and get notified on the nex...

9.8CVSS9.1AI score0.99931EPSS
Exploits41
Palo Alto Networks
Palo Alto Networks
added 2022/11/09 5:0 p.m.83 views

Impact of Apache Text Commons Vulnerability CVE-2022-42889

Palo Alto Networks has evaluated the Apache Commons Text library vulnerability CVE-2022-42889, known as Text4Shell, for all products and services. The Palo Alto Networks Product Security Assurance team has confirmed that all products and services are not impacted by this vulnerability. Work aroun...

9.8CVSS2.4AI score0.99931EPSS
Exploits41References1
GithubExploit
GithubExploit
added 2022/11/07 7:19 a.m.428 views

Exploit for Code Injection in Apache Commons_Text

Install maven - maven-linuxhttps://www.digitalocean.com/c...

9.8CVSS7.9AI score0.99931EPSS
Exploits41
GithubExploit
GithubExploit
added 2022/11/05 7:32 a.m.379 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 a.k.a. Text4Shell RCE Proof of Concept !ima...

9.8CVSS8.3AI score0.99931EPSS
Exploits41
GithubExploit
GithubExploit
added 2022/11/04 7:26 p.m.252 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889-PoC Proof of Concept for CVE-2022-42889 remote...

9.8CVSS8.7AI score0.99931EPSS
Exploits41
GithubExploit
GithubExploit
added 2022/11/04 7:26 p.m.415 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889-PoC Proof of Concept for CVE-2022-42889 remote...

9.8CVSS8.7AI score0.99931EPSS
Exploits41
Rapid7 Blog
Rapid7 Blog
added 2022/11/04 1:0 p.m.240 views

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

As stated in our Apache Commons Text blog post, CVE-2022-42889 is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input, and affects versions 1.5 through 1.9. This vulnerability has been patched as of Commons Text version 1.10...

1AI score0.99931EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 2:15 a.m.81 views

Security Bulletin: IBM SPSS Modeler is vulnerable to Apache Commons Text [CVE-2022-42889]

Summary Apache Commons Text is used by IBM SPSS Modeler as part of the spark function. This vulnerability is addressed. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8CVSS9.8AI score0.99931EPSS
Exploits41Affected Software1
Trellix
Trellix
added 2022/11/02 12:0 a.m.81 views

The Bug Report October 2022 Edition

The Bug Report — October 2022 Edition By Trellix · November 2, 2022 This story was written by Richard Johnson. Do ROP exploits count as jmp scares? Why am I here? Welcome back to the Bug Report: Spooky Edition, and we’ve got bugs crawling out of the walls! Of all the months we do this, we’ve foun...

0.3AI score0.9997EPSS
Exploits57
Trellix
Trellix
added 2022/11/02 12:0 a.m.45 views

The Bug Report October 2022 Edition

The Bug Report — October 2022 Edition By Trellix · November 2, 2022 This story was written by Richard Johnson. Do ROP exploits count as jmp scares? Why am I here? Welcome back to the Bug Report: Spooky Edition, and we’ve got bugs crawling out of the walls! Of all the months we do this, we’ve foun...

9.8CVSS9.6AI score0.9997EPSS
Exploits57
Qualys Blog
Qualys Blog
added 2022/10/27 5:59 p.m.172 views

Text4Shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform

On 2022-10-13, Apache Security Team disclosed a critical vulnerability with CVE-2022-42889 affecting the popular Apache Commons Text library. This vulnerability is popularly named “Text4Shell” which when exploited can allow an unauthenticated attacker to execute arbitrary code on the vulnerable...

0.1AI score0.99931EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 3:18 p.m.45 views

Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.8 and earlier

Summary This fix upgrades to Websphere Liberty 22.0.0.10, NodeJs 14.20.1, Jackson 2.14.0-rc1, Protobuf 3.16.3, Apache commons-text 1.10.0 Vulnerability Details CVEID:CVE-2022-35256 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly handle header field...

9.8CVSS9.1AI score0.99931EPSS
Exploits46Affected Software1
Qualys Blog
Qualys Blog
added 2022/10/25 9:55 p.m.264 views

CVE-2022-42889: Detect Text4Shell via Qualys Container Security

A new critical vulnerability CVE-2022-42889 Text4Shell in Apache Commons Text library was reported by Alvaro Muñoz. The vulnerability, when exploited could result in remote code execution RCE applied to untrusted input due to insecure interpolation defaults. As a result, this CVE is rated at CVSS...

1.6AI score0.99931EPSS
Exploits41
Atlassian
Atlassian
added 2022/10/24 10:35 p.m.155 views

Upgrade Apache Commons-text to mitigate CVE-2022-42889 (excludes bundled OpenSearch)

h3. DISCLAIMER panel:title=Bundled OpenSearch|borderStyle=solid|borderColor=3c78b5|titleBGColor=3c78b5|bgColor=e7f4fa This issues only covers commons-text usages in the Bitbucket WebApp, not the bundled OpenSearch. To track the upgrade of OpenSearch to a version that contains an updated...

9.8CVSS1.3AI score0.99931EPSS
Exploits41
Rows per page
Query Builder