9 matches found

F5 Networks
added 2023/02/21 6:46 p.m. | 41 views

K57108702: Apache Tika XML External Entity vulnerability CVE-2016-4434

Security Advisory Description: Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats,...

CVSS 7.8 | AI score 8 | EPSS 0.03449
Exploits: 0
vulnersOsv
added 2018/10/17 3:44 p.m. | 10 views

biz.netcentric.cq.tools.accesscontroltool:sling-minimum-version-environment (>=4.2.0 <=4.2.1), com.adobe.cq.commerce:cq-commerce-hybris-impl (>=5.6.100 <=6.4.4) +632 more potentially affected by CVE-2016-4434 via org.apache.tika:tika-core (>=0.4 <=1.12)

org.apache.tika:tika-core MAVEN version =0.4, =4.2.0, =5.6.100, =2.0.6, =1.0.10, =1.0.12, =1.0.8, =0.6, =1.0.8, =1.0.12 and more Source cves: CVE-2016-4434 Source advisory: OSV:GHSA-4XR4-4C65-HJ7F...

CVSS 7.8 | AI score 7.2 | EPSS 0.03449
Exploits: 0
NVD
added 2017/09/30 1:29 a.m. | 20 views

CVE-2016-4434

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to...

CVSS 7.8 | AI score 6.3 | EPSS 0.03449
Exploits: 0 | References: 6
CVE
added 2017/09/29 8:0 p.m. | 109 views

CVE-2016-4434

CVE-2016-4434 (Apache Tika) affects Tika prior to 1.13, where improper initialization of the XML parser/handlers enables XML External Entity (XXE) attacks via OOXML spreadsheets and XMP metadata in PDFs and other formats. The root cause is an XXE vulnerability in XML parsing that can lead to read...

CVSS 7.8 | AI score 7.5 | EPSS 0.03449
Exploits: 0 | References: 6 | Affected Software: 1
Cvelist
added 2017/09/29 8:0 p.m. | 40 views

CVE-2016-4434

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to...

AI score 6.4 | EPSS 0.03449
Exploits: 0 | References: 6
RedHat Linux
added 2017/02/14 4:41 p.m. | 36 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 9.8 | AI score 7.9 | EPSS 0.17239
Exploits: 1 | References: 5
RedHat Linux
added 2017/02/02 8:33 p.m. | 37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVSS 7.8 | AI score 6.7 | EPSS 0.04758
Exploits: 0 | References: 5
F5 Networks
added 2016/06/14 12:0 a.m. | 75 views

SOL57108702 - Apache Tika XML External Entity vulnerability CVE-2016-4434

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

CVSS 7.8 | AI score 2.4 | EPSS 0.03449
Exploits: 0 | References: 4
RedhatCVE
added 2016/05/27 9:18 a.m. | 38 views

CVE-2016-4434

It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...

CVSS 7.8 | AI score 5.4 | EPSS 0.03449
Exploits: 0 | References: 1