10 matches found
Improper Input Validation in Apache Axis2
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server WAS 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly...
GHSA-23VV-V25H-QWQW Improper Input Validation in Apache Axis2
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server WAS 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly...
Apache ODE Path Traversal vulnerability
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
GHSA-JF7G-5Q92-4HP2 Apache ODE Path Traversal vulnerability
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
Apache ODE Override Vulnerability
Apache ODE is the United States Apache Apache Software Foundation , a business process building engine , it has to communicate with Web services , send and receive messages , handle data manipulation and error recovery functions . A security vulnerability exists in Apache ODE. An attacker could...
CVE-2018-1316
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
CVE-2018-1316
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
Directory traversal
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
CVE-2018-1316
CVE-2018-1316 concerns the Apache ODE process deployment web service, which was vulnerable to directory traversal via a forged deployment name. The root cause was using a path for the deployment name, allowing traversal with .. in a request parameter, leading to potential writes to unintended loc...
CVE-2018-1316
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...