Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ESAPI vulnerabilities (USN-8181-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8181-1 advisory. Jaroslav Lobaevski discovered that ESAPI incorrectly validated directory paths during path verification. ...

9.8CVSS5.8AI score0.02829EPSS
Exploits4References4
Debian
Debian
added 2025/07/22 1:10 a.m.215 views

[SECURITY] [DLA 4246-1] libowasp-esapi-java security update

Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...

9.8CVSS6.7AI score0.02829EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/07/22 12:0 a.m.10 views

Debian dla-4246 : libowasp-esapi-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4246 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4246-1 [email protected]...

9.8CVSS6.9AI score0.02829EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2025/07/22 12:0 a.m.7 views

Debian: Security Advisory (DLA-4246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.02829EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.11 views

CVE-2022-24891

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the antisamy-esapi.xml configurati...

6.1CVSS5.9AI score0.01688EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-24891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a...

6.1CVSS6.5AI score0.01688EPSS
Exploits1References2
CVE
CVE
added 2022/04/27 12:0 a.m.824 views

CVE-2022-24891

CVE-2022-24891 affects ESAPI (antisamy-esapi.xml) where an incorrect regular expression for onsiteURL could allow JavaScript: URLs to escape proper sanitization. The issue is fixed in ESAPI 2.3.0.0; workaround is to manually edit antisamy-esapi.xml to adjust the onsiteURL regex. Connected sources...

6.1CVSS5.7AI score0.01688EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder