Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-42445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML...

6.8CVSS6.5AI score0.00674EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.32 views

RHEL 6 : gradle (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gradle: Possible local text file exfiltration by XML External entity injection CVE-2023-42445 - gradle:...

6.8CVSS7.5AI score0.00674EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/12/06 11:30 p.m.89 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.6.0 release and security update

Red Hat AMQ Streams 2.6.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.7AI score0.05972EPSS
Exploits1References13
CVE
CVE
added 2023/10/06 1:52 p.m.176 views

CVE-2023-42445

CVE-2023-42445 affects Gradle: XML External Entity (XXE) resolution was not disabled in some parsing paths, enabling potential exfiltration of local text files via XML parsing with an OOB-XXE scenario. Documents confirm Gradle now disables XML external entities for all use cases in Gradle 7.6.3 a...

6.8CVSS6AI score0.00674EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/10/06 1:52 p.m.32 views

CVE-2023-42445 Possible local file exfiltration by XML External entity injection

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack OOB-XXE, just parsing XML can lead to exfiltration of local tex...

6.8CVSS6.8AI score0.00674EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/10/06 1:52 p.m.2 views

CVE-2023-42445 Possible local file exfiltration by XML External entity injection

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack OOB-XXE, just parsing XML can lead to exfiltration of local tex...

6.8CVSS6AI score0.00674EPSS
Exploits0References4
Rows per page
Query Builder