Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/09/29 12:0 a.m.8 views

cn.centychen:xxl-job-spring-boot-starter (>=1.0.0-RELEASE <=1.0.1-RELEASE), cn.db101:xxl-job-spring-boot-starter (=1.1.0) +53 more potentially affected by CVE-2022-40929 via com.xuxueli:xxl-job-core (>=1.8.2 <=2.2.0)

com.xuxueli:xxl-job-core MAVEN version =1.8.2, =1.0.0-RELEASE, =0.0.8-RELEASE, =0.0.8-RELEASE, =1.6.0, =1.0.1, =2.1.1-RELEASE, =6.1.0, =0.0.4, =1.5.13, =1.7.1 - com.gitee.zodiacstack:zodiac-xxljob-spring-boot-starter =1.5.16 - com.github.hiwepy:xxljob-spring-boot-starter =1.0.0.RELEASE -...

9.8CVSS7.8AI score0.01214EPSS
Exploits1
Circl
Circl
added 2022/09/28 10:34 p.m.7 views

CVE-2022-40929

creationtimestamp| type| source ---|---|--- 2022-09-28 22:34:19+00:00| seen| https://t.me/cibsecurity/50614...

9.8CVSS8.7AI score0.01214EPSS
Exploits1References1
NVD
NVD
added 2022/09/28 6:15 p.m.46 views

CVE-2022-40929

XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case running arbitrary Bash scripts on behalf of users...

9.8CVSS0.01214EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/09/28 12:0 a.m.46 views

CVE-2022-40929

XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case running arbitrary Bash scripts on behalf of users...

9.9AI score0.01214EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/09/28 12:0 a.m.3 views

CVE-2022-40929

XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case running arbitrary Bash scripts on behalf of users...

9.6AI score0.01214EPSS
Exploits1References1
CVE
CVE
added 2022/09/28 12:0 a.m.111 views

CVE-2022-40929

XXL-JOB 2.2.0 (and earlier) is affected by a command execution vulnerability in background tasks. The root cause is lack of sanitization when creating new tasks in the background management module, which can allow an attacker to inject and run arbitrary commands. Some sources dispute the CVE’s se...

9.8CVSS9.6AI score0.01214EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder