Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/20 8:59 p.m.4 views

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Eclipse IDE versions

Summary Vulnerabilities have been identified in Eclipse IDE versions before 2023-09 4.29, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE versions 2023-09 4.29 some files with xml content are...

5CVSS5.8AI score0.00386EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.5 views

CVE-2023-4218

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS6.8AI score0.00386EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/24 8:21 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses org.eclipse.core.runtime 3.10.0.v20140318-2214 which is vulnerable to CVE-2023-4218

Summary IBM Maximo Application Suite - Manage Component uses org.eclipse.core.runtime 3.10.0.v20140318-2214 which is vulnerable to CVE-2023-4218.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE...

5CVSS6.3AI score0.00386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/03 6:16 a.m.19 views

Security Bulletin: XML External Entity (XXE) injection vulnerability affects IBM Business Automation Workflow - CVE-2023-4218

Summary IBM Business Automation Workflow containers package a vulnerable copy of eclipse jars. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: Eclipse IDE could allow a local authenticated attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...

5CVSS5.9AI score0.00386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/03 5:55 a.m.17 views

Security Bulletin: Vulnerability in eclipse affects IBM Business Automation Workflow - CVE-2023-4218

Summary IBM Business Automation Workflow packages a vulnerable version of eclipe jar files. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: Eclipse IDE could allow a local authenticated attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...

5CVSS5.9AI score0.00386EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/08 8:47 p.m.23 views

Security Bulletin: TPF Toolkit is affected by vulnerabilities in the Eclipse IDE and Apache Commons Compress

Summary The org.eclipse.core.runtime component is used by TPF Toolkit as part of the basic platform infrastructure CVE-2023-4218. Additionally, the Apache commons-compress package is used by TPF Toolkit web applications services as part of the code coverage feature CVE-2024-26308, CVE-2024-25710...

8.1CVSS7.1AI score0.00898EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2024:1304-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.6AI score0.00386EPSS
Exploits1References4
OSV
OSV
added 2024/04/16 9:0 a.m.9 views

SUSE-SU-2024:1304-1 Security update for eclipse, maven-surefire, tycho

This update for eclipse, maven-surefire, tycho fixes the following issues: eclipse received the following security fix: - CVE-2023-4218: Fixed a bug where parsing files with xml content laeds to XXE attacks. bsc1216992 maven-sunfire was updated from version 2.22.0 to 2.22.2: - Changes in version...

5CVSS6.7AI score0.00386EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/28 6:46 a.m.50 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM MQ which is shipped with IBM Intelligent Operations Center(CVE-2023-4218, CVE-2023-44487, CVE-2023-39976, CVE-2024-25016)

Summary Multiple security vulnerabilities have been identified in IBM MQ which shipped with IBM Intelligent Operations Center. Information about security vulnerabilities affecting IBM MQ has been published in a security bulletinCVE-2023-4218, CVE-2023-44487, CVE-2023-39976, CVE-2024-25016...

9.8CVSS9AI score0.99999EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/19 7:39 p.m.47 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about addressing security vulnerabilities affecting IBM MQ have been published in a security bulletins for CVE-2023-47745, CVE-2023-4218, CVE-2023-44487, CVE-2023-39976, CVE-2024-25016, linked herein. Vulnerability Details...

9.8CVSS8.5AI score0.99999EPSS
Exploits20Affected Software1
vulnersOsv
vulnersOsv
added 2023/11/30 7:52 p.m.6 views

de.cau.cs.kieler.klighd:de.cau.cs.kieler.klighd (=2.3.0.v20230606), de.cau.cs.kieler.klighd:de.cau.cs.kieler.klighd.ide (=2.3.0.v20230606) +136 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.ui.workbench (>=3.108.3 <=3.129.0)

org.eclipse.platform:org.eclipse.ui.workbench MAVEN version =3.108.3, =0.50.0.v20230607, =1.4.0, =1.4.0, =1.6.0, =1.4.0, =1.4.2, =1.4.0, =1.4.0, =1.6.0, =1.5.3, =1.7.4 and more Source cves: CVE-2023-4218 Source advisory: OSV:GHSA-J24H-X...

5CVSS5.9AI score0.00386EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/11/30 7:52 p.m.4 views

com.diffplug.durian:durian-swt (>=3.0.0 <=5.2.0), com.diffplug.durian:durian-swt.cocoa.macosx.aarch64 (>=3.6.1 <=5.2.0) +179 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.jface (>=3.12.2 <=3.30.0)

org.eclipse.platform:org.eclipse.jface MAVEN version =3.12.2, =3.0.0, =3.6.1, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.31, =1.0.0, =1.0.0, =0.1.0, =1.0.1 and more Source cves: CVE-2023-4218 Source advisory: OSV:GHSA-J24H-XCPC-9JW8...

5CVSS5.9AI score0.00386EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/11/30 7:52 p.m.7 views

ch.epfl.scala:bsp4j (=2.2.0-M4.TEST), com.github.davidmoten.xuml-compiler.examples:simple (>=0.5.1 <=0.5.3) +671 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.core.runtime (>=3.12.0 <=3.27.0)

org.eclipse.platform:org.eclipse.core.runtime MAVEN version =3.12.0, =0.5.1, =0.5.1, =0.5.1, =4.0.0-beta1, =0.0.1, =1.2.1, =1.0.33, =2.0.1, =2023.1, =1.2.3, =2.0.0, =3.0.0 - com.github.tsantalis:refactoring-miner =2.4.0 and more Source cves: CVE-2023-4218 Source advisory: OSV:GHSA-J24H-XCPC-9JW8...

5CVSS5.9AI score0.00386EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/11/30 7:52 p.m.5 views

net.enilink.komma:net.enilink.commons.ui (>=1.5.2 <=1.7.4), net.enilink.komma:net.enilink.komma.common.ui (>=1.5.2 <=1.7.4) +109 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.urischeme (>=1.1.0 <=1.3.0)

org.eclipse.platform:org.eclipse.urischeme MAVEN version =1.1.0, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.7.4 - org.eclipse.emfatic:org.eclipse.gymnast.runtime.core =1.0.0 - org.eclipse.jdt:org.eclipse.jdt =3.19.100 -...

5CVSS5.9AI score0.00386EPSS
Exploits1
NVD
NVD
added 2023/11/09 9:15 a.m.33 views

CVE-2023-4218

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS0.00386EPSS
Exploits1References11
OSV
OSV
added 2023/11/09 9:15 a.m.3 views

UBUNTU-CVE-2023-4218

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS7.1AI score0.00386EPSS
Exploits1References13
Cvelist
Cvelist
added 2023/11/09 8:26 a.m.23 views

CVE-2023-4218 XXE in eclipse.platform / Eclipse IDE

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS5.2AI score0.00386EPSS
Exploits1References11
CVE
CVE
added 2023/11/09 8:26 a.m.111 views

CVE-2023-4218

CVE-2023-4218 is an XXE vulnerability in Eclipse IDE

5CVSS4.8AI score0.00386EPSS
Exploits1References11Affected Software3
OSV
OSV
added 2023/11/09 8:26 a.m.9 views

CVE-2023-4218 XXE in eclipse.platform / Eclipse IDE

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS6AI score0.00386EPSS
Exploits1References13
Rows per page
Query Builder