Lucene search
K

5 matches found

Snyk
Snyk
added 2026/06/10 1:13 a.m.7 views

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Overview org.springframework.data:spring-data-rest-webmvc is a maven plugin for Spring Data REST - WebMVC. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' in the processing of...

8.6CVSS5.8AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2 : php, --advisory ALAS2-2026-3316 (ALAS-2026-3316)

The version of php installed on the remote host is prior to 5.4.16-46. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3316 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object...

9.8CVSS6.1AI score0.00739EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/10 4:19 a.m.15 views

CVE-2026-6722

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.8CVSS6.1AI score0.00739EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/10 4:19 a.m.9 views

CVE-2026-6722

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.5CVSS6.1AI score0.00739EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/10 4:19 a.m.11 views

CVE-2026-6722 Use-After-Free in SOAP using Apache map

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.5CVSS6.1AI score0.00739EPSS
Exploits0References1
Rows per page
Query Builder