Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ESAPI vulnerabilities (USN-8181-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8181-1 advisory. Jaroslav Lobaevski discovered that ESAPI incorrectly validated directory paths during path verification. ...

9.8CVSS5.8AI score0.02829EPSS
Exploits4References4
Debian
Debian
added 2025/07/22 1:10 a.m.215 views

[SECURITY] [DLA 4246-1] libowasp-esapi-java security update

Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...

9.8CVSS6.7AI score0.02829EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/07/22 12:0 a.m.10 views

Debian dla-4246 : libowasp-esapi-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4246 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4246-1 [email protected]...

9.8CVSS6.9AI score0.02829EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2025/07/22 12:0 a.m.7 views

Debian: Security Advisory (DLA-4246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.02829EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/02/05 11:28 p.m.18 views

CVE-2022-23457

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of Validator.getValidDirectoryPathString, String, File, boolean may incorrectly treat the tested input string as a child of the specified...

9.8CVSS6.7AI score0.02829EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.47 views

Oracle Primavera Unifier (Oct 2022 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Document Management Apache Solr. Supported...

9.8CVSS6.5AI score0.22709EPSS
Exploits4References8
CVE
CVE
added 2022/04/25 12:0 a.m.906 views

CVE-2022-23457

CVE-2022-23457 affects ESAPI (OWASP Enterprise Security API) Java legacy. The default implementation of Validator.getValidDirectoryPath(String, String, File, boolean) before version 2.3.0.0 may treat the input string as a child of the specified parent directory, potentially bypassing control-flow...

9.8CVSS8.6AI score0.02829EPSS
Exploits2References6Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/25 12:0 a.m.14 views

CVE-2022-23457 Path Traversal in ESAPI

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of Validator.getValidDirectoryPathString, String, File, boolean may incorrectly treat the tested input string as a child of the specified...

7.5CVSS9.5AI score0.02829EPSS
Exploits2References5
Rows per page
Query Builder