Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 4:45 p.m.11 views

org.apache.karaf.config:org.apache.karaf.config.command (>=3.0.0 <=3.0.10), org.apache.karaf.features:standard (>=4.0.0 <=4.2.16) +3 more potentially affected by CVE-2019-0226 via org.apache.karaf.config:org.apache.karaf.config.core (>=3.0.0 <=4.2.4)

org.apache.karaf.config:org.apache.karaf.config.core MAVEN version =3.0.0, =3.0.0, =4.0.0, =13.0, =13.12 Source cves: CVE-2019-0226 Source advisory: OSV:GHSA-FJW4-39PG-VF4F...

5.5CVSS5.8AI score0.01836EPSS
Exploits0
NVD
NVD
added 2019/05/09 2:29 p.m.26 views

CVE-2019-0226

Apache Karaf Config service provides a install method via service or MBean that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. Use...

5.5CVSS5AI score0.01836EPSS
Exploits0References2
CVE
CVE
added 2019/05/09 1:31 p.m.89 views

CVE-2019-0226

CVE-2019-0226 affects Apache Karaf Config service. A relative path traversal via the install method (via service or MBean) could be used to traverse directories and overwrite files. Any Karaf version before 4.2.5 is affected; impact depends on the filesystem permissions of the Karaf process user....

5.5CVSS4.9AI score0.01836EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/09 1:31 p.m.31 views

CVE-2019-0226

Apache Karaf Config service provides a install method via service or MBean that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. Use...

5AI score0.01836EPSS
Exploits0References2
Rows per page
Query Builder