Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-23792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML...

9.8CVSS7AI score0.00995EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/07 12:0 a.m.5 views

ai.idylnlp:idylnlp-dl4j (>=1.0.0 <=1.1.0), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +742 more potentially affected by CVE-2021-23792 via com.twelvemonkeys.imageio:imageio-metadata (>=3.0 <=3.7.0)

com.twelvemonkeys.imageio:imageio-metadata MAVEN version =3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.3.0 - ai.konduit.serving:konduit-serving-gpu-nano =0.1.0 and more Source cves: CVE-2021-23792 Source advisory: OSV:GHSA-PJCH-4G28-FXX7...

9.8CVSS7.2AI score0.00995EPSS
Exploits0
OSV
OSV
added 2022/05/06 8:15 p.m.11 views

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file e.g. when an online profile...

9.8CVSS9.6AI score
Exploits0References2
Cvelist
Cvelist
added 2022/05/06 8:5 p.m.32 views

CVE-2021-23792 XML External Entity (XXE) Injection

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file e.g. when an online profile...

7.3CVSS9.8AI score0.00995EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/05/06 8:5 p.m.45 views

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file e.g. when an online profile...

9.8CVSS9.6AI score0.00995EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/12/07 3:29 p.m.5 views

ai.idylnlp:idylnlp-dl4j (>=1.0.0 <=1.1.0), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +742 more potentially affected by CVE-2021-23792 via com.twelvemonkeys.imageio:imageio-metadata (>=3.0 <=3.7.0)

com.twelvemonkeys.imageio:imageio-metadata MAVEN version =3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.3.0 - ai.konduit.serving:konduit-serving-gpu-nano =0.1.0 and more Source cves: CVE-2021-23792 Source advisory: SNYK:JAVA-COMTWELVEMONKEYSIMAGEIO-231676...

9.8CVSS7.2AI score0.00995EPSS
Exploits0
Rows per page
Query Builder