Lucene search
K

11 matches found

vulnersOsv
vulnersOsv
added 2022/05/14 2:49 a.m.8 views

com.composum.sling.core:composum-sling-core-commons (>=1.3.1 <=1.12.4), com.composum.sling.core:composum-sling-core-console (>=1.6.0 <=1.12.4) +15 more potentially affected by CVE-2015-1833 via org.apache.jackrabbit:jackrabbit-core (>=2.6.0 <=2.6.5)

org.apache.jackrabbit:jackrabbit-core MAVEN version =2.6.0, =1.3.1, =1.6.0, =1.4.0, =2.4.30, =2.4.30, =1.4-M4, =1.4-M4, =2.6.0, =2.6.0, =2.6.0, =1.3.0-beta3, =1.0.0, =1.2.0, =1.3.0-beta2 and more Source cves: CVE-2015-1833 Source advisory: OSV:GHSA-9284-J4C9-779Q...

6.4CVSS5.8AI score0.51488EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2022/05/14 2:49 a.m.6 views

io.inkstand:inkstand-jcr-jackrabbit (>=0.1.1 <=0.1.3), io.inkstand:scribble (>=0.1.0 <=0.2.0-alpha3) +23 more potentially affected by CVE-2015-1833 via org.apache.jackrabbit:jackrabbit-core (=2.8.0)

org.apache.jackrabbit:jackrabbit-core MAVEN version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.jackrabbit:jackrabbit-core and may be impacted: - io.inkstand:inkstand-jcr-jackrabbit =0.1.1, =0.1.0, =0.3.0, =0.3.0, =0.4.0, =0.4.0,...

6.4CVSS5.8AI score0.51488EPSS
Exploits6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2015-0242)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.5AI score0.51488EPSS
Exploits6References5
OSV
OSV
added 2015/06/08 9:17 p.m.5 views

MGASA-2015-0242 Updated jackrabbit packages fix CVE-2015-1833

Updated jackrabbit packages fix security vulnerability: In Apache Jackrabbit before 2.4.6, When processing a WebDAV request body containing XML, the XML parser can be instructed to read content from network resources accessible to the host, identified by URI schemes such as "https" or "file"...

6.4CVSS6.1AI score0.51488EPSS
Exploits6References4
securityvulns
securityvulns
added 2015/06/08 12:0 a.m.90 views

CVE-2015-1833 &#40;Jackrabbit WebDAV XXE vulnerability&#41;

Dear readers, we just fixed a recently reported vulnerability in Apache Jackrabbit's WebDAV module; see - the attached CVE report - patches for all currently maintained Jackrabbit branches We just released Jackrabbit 2.10.1 see below and we'll get to the other branches shortly. Check the CVE for...

6.4CVSS0.1AI score0.51488EPSS
Exploits6
NVD
NVD
added 2015/05/29 3:59 p.m.12 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS6.4AI score0.51488EPSS
Exploits6References8
OSV
OSV
added 2015/05/29 3:59 p.m.4 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.3AI score
Exploits0References8
Cvelist
Cvelist
added 2015/05/29 3:0 p.m.33 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.3AI score0.51488EPSS
Exploits6References8
CVE
CVE
added 2015/05/29 3:0 p.m.118 views

CVE-2015-1833

The CVE-2015-1833 issue is an XXE vulnerability in Apache Jackrabbit’s WebDAV handling where the XML parser can be coerced to read local/network resources. Affected versions include Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10....

6.4CVSS6.4AI score0.51488EPSS
Exploits6References8Affected Software1
Debian CVE
Debian CVE
added 2015/05/29 3:0 p.m.14 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS6.4AI score0.51488EPSS
Exploits6
0day.today
0day.today
added 2015/05/27 12:0 a.m.158 views

Apache Jackrabbit WebDAV XXE Exploit

Exploit for java platform in category web applications !/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833...

6.4CVSS0.1AI score0.51488EPSS
Exploits6
Rows per page
Query Builder