Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 8:11 a.m.44 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing is vulnerable to a remote attack due to Apache Jena Core

Summary BM Engineering Lifecycle Optimization - Publishing is vulnerable to a remote attack due to Apache Jena Core Vulnerability Details CVEID:CVE-2021-39239 DESCRIPTION: Apache Jena could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...

9.8CVSS8.4AI score0.04306EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/03 6:54 p.m.70 views

Security Bulletin: IBM Integration Bus is vulnerable to a remote attack due to Apache Jena (CVE-2021-39239, CVE-2022-28890, CVE-2023-22665).

Summary IBM Integration Bus is vulnerable to a remote attack due to Apache Jena CVE-2021-39239, CVE-2022-28890, CVE-2023-22665. Vulnerability Details CVEID:CVE-2023-22665 DESCRIPTION: Apache Jena could allow a remote attacker to execute arbitrary code on the system, caused by improper checking of...

9.8CVSS7.2AI score0.04306EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/06 12:0 a.m.5 views

net.sansa-stack:sansa-examples-spark_2.12 (=0.8.0-RC3), net.sansa-stack:sansa-inference-spark_2.12 (=0.8.0-RC3) +4 more potentially affected by CVE-2022-28890 via org.apache.jena:jena (=4.4.0)

org.apache.jena:jena MAVEN version =4.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.jena:jena and may be impacted: - net.sansa-stack:sansa-examples-spark2.12 =0.8.0-RC3 - net.sansa-stack:sansa-inference-spark2.12 =0.8.0-RC3 -...

9.8CVSS7.2AI score0.0247EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/05 9:15 a.m.3 views

CVE-2022-28890

A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...

9.8CVSS7.2AI score0.0247EPSS
Exploits0References2
OSV
OSV
added 2022/05/05 9:15 a.m.3 views

UBUNTU-CVE-2022-28890

A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...

9.8CVSS7.2AI score0.0247EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/05/05 8:40 a.m.33 views

CVE-2022-28890

A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...

9.8CVSS8.4AI score0.0247EPSS
Exploits0
Rows per page
Query Builder