Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:53 p.m.8 views

CVE-2022-31190

DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn...

5.3CVSS6.8AI score0.00712EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/08/06 5:40 a.m.6 views

org.dataone.dspace:auto-versioning-xmlui (>=5.4.0 <=5.4.2), org.dspace.modules:xmlui (>=4.0 <=6.3) potentially affected by CVE-2022-31190 via org.dspace:dspace-xmlui (>=4.0 <=6.3)

org.dspace:dspace-xmlui MAVEN version =4.0, =5.4.0, =4.0, =6.3 Source cves: CVE-2022-31190 Source advisory: OSV:GHSA-7W85-PP86-P4PQ...

5.3CVSS6AI score0.00712EPSS
Exploits0
CVE
CVE
added 2022/08/01 8:10 p.m.93 views

CVE-2022-31190

CVE-2022-31190 (DSpace XMLUI) affects DSpace XMLUI by exposing metadata of withdrawn items via the mets.xml object when the handle/URL is known. The issue is limited to the XMLUI component; JSPUI and 7.x are not impacted. Impact is information disclosure of withdrawn-item metadata, not full compr...

5.3CVSS5.2AI score0.00712EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/01 8:10 p.m.6 views

CVE-2022-31190 Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI

DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn...

5.3CVSS5.3AI score0.00712EPSS
Exploits0References3
Rows per page
Query Builder