156 matches found
CVE-2022-42889
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Arbitrary Code Execution
Apache Commons Text is vulnerable to Arbitrary Code Execution. The vulnerability exists in the lookup module due to insecure interpolation defaults when untrusted configuration values are used which allows an attacker to inject arbitrary code into the system...
Apache Commons Text remote code execution vulnerability
Apache Commons Text is a library focused on string algorithms from the Apache Foundation, U.S. A remote code execution vulnerability exists in Apache Commons Text versions 1.5 through 1.9, which is caused by an insecure interpolation default flaw. An attacker could exploit this vulnerability to...
Arbitrary code execution in Apache Commons Text
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
GHSA-599F-7C49-W659 Arbitrary code execution in Apache Commons Text
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
DEBIAN-CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
Design/Logic Flaw
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
UBUNTU-CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
CVE-2022-42889 Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
Apache Commons Text 代码注入漏洞
Apache Commons Text is a library focused on string algorithms from the Apache Foundation, U.S. A remote code execution vulnerability exists in Apache Commons Text versions 1.5 through 1.9, which is caused by an insecure interpolation default flaw. An attacker could exploit this vulnerability to...
PT-2022-5052
Name of the Vulnerable Software and Affected Versions Apache Commons Text versions 1.5 through 1.9 Description The issue concerns a vulnerability in Apache Commons Text that allows for variable interpolation, enabling properties to be dynamically evaluated and expanded. The standard format for...
CVE-2022-42889 Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...
CVE-2022-42889
CVE-2022-42889 affects Apache Commons Text 1.5–1.9 where default interpolation lookups (script, dns, url) can trigger arbitrary code execution or remote access when untrusted values are used. The vulnerability can lead to remote code execution or unintended contact with remote servers via the Str...
CVE-2022-42889
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation...