Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-46751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue...

8.2CVSS7.7AI score0.01855EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.26 views

RHEL 7 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-ivy: Directory Traversal CVE-2022-37865 - Improper Restriction of XML External Entity Reference, X...

9.6AI score0.01855EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for apache (SUSE-SU-2023:4367-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.2AI score0.01855EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/07 3:0 p.m.42 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update

Migration Toolkit for Runtimes 1.2.4 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.2CVSS6.7AI score0.01855EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/12/06 11:30 p.m.88 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.6.0 release and security update

Red Hat AMQ Streams 2.6.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.7AI score0.05972EPSS
Exploits1References13
OpenVAS
OpenVAS
added 2023/11/07 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2023:4367-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.8AI score0.01855EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache-ivy (SUSE-SU-2023:4367-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4367-1 advisory. - Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection...

8.2CVSS7.7AI score0.01855EPSS
Exploits0References4
Amazon
Amazon
added 2023/10/24 12:0 a.m.33 views

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

8.2CVSS8.4AI score0.01855EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.33 views

Amazon Linux 2 : apache-ivy (ALAS-2023-2302)

The version of apache-ivy installed on the remote host is prior to 2.3.0-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2302 advisory. Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software...

8.2CVSS7.8AI score0.01855EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/22 6:11 p.m.39 views

Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to XML external entity XXE due to Apache Ivy

Summary Apache Ivy may be used by plugins or custom scripts in IBM UrbanCode Deploy UCD. Apache Ivy is vulnerable to a XXE caused by improper handling of XML external entity XXE declarations by the XML parser. CVE-2022-46751 Vulnerability Details CVEID:CVE-2022-46751 DESCRIPTION: Apache Ivy could...

8.2CVSS7.9AI score0.01855EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/08 12:0 a.m.24 views

Amazon Linux 2023 : apache-ivy, apache-ivy-javadoc (ALAS2023-2023-336)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-336 advisory. Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior t...

8.2CVSS7.7AI score0.01855EPSS
Exploits0References4
Circl
Circl
added 2023/08/21 12:40 p.m.4 views

CVE-2022-46751

creationtimestamp| type| source ---|---|--- 2023-08-21 12:40:52+00:00| seen| https://t.me/cibsecurity/68874 2024-02-07 16:16:43+00:00| seen| https://t.me/ctinow/180780 2024-02-09 10:51:22+00:00| seen| https://t.me/ctinow/181952 2024-11-13 22:20:22+00:00| seen|...

8.2CVSS7.7AI score0.01855EPSS
Exploits0References4
OSV
OSV
added 2023/08/21 7:15 a.m.27 views

CVE-2022-46751

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.2CVSS8.3AI score
Exploits0References5
Chainguard
Chainguard
added 2023/08/21 7:15 a.m.43 views

CVE-2022-46751 vulnerabilities

Vulnerabilities for packages: gradle-stage0, gradle...

8.2CVSS7.1AI score0.01855EPSS
Exploits0
Wolfi
Wolfi
added 2023/08/21 7:15 a.m.61 views

CVE-2022-46751 vulnerabilities

Vulnerabilities for packages: gradle-stage0, gradle...

8.2CVSS7.1AI score0.01855EPSS
Exploits0
CVE
CVE
added 2023/08/21 6:55 a.m.2990 views

CVE-2022-46751

CVE-2022-46751: Apache Ivy is vulnerable to XML External Entity (XXE) or XML injection due to improper restriction of DTD processing. Affected versions: Ivy prior to 2.5.2. Root cause: parsing XML files (Ivy config, Ivy files, POMs) can download external DTDs and expand entities, enabling data ex...

8.2CVSS8.4AI score0.01855EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder