Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2024/06/04 1:0 p.m.4 views

SUSE CVE-2021-26291

Apache Maven will follow repositories that are defined in a dependency's Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...

7.4CVSS7.2AI score0.08691EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2024/02/07 3:0 p.m.2 views

apache-ivy: XML External Entity vulnerability

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.2CVSS7.3AI score0.01855EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/06 11:30 p.m.2 views

apache-ivy: XML External Entity vulnerability

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.2CVSS7.3AI score0.01855EPSS
Exploits0References5
OSV
OSV
added 2023/08/21 9:30 a.m.9 views

GHSA-2JC4-R94C-RP7H Apache Ivy External Entity Reference vulnerability

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.8CVSS7.3AI score0.01855EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/08/17 12:0 a.m.6 views

PT-2023-8841 · Apache +1 · Apache Ivy +1

Name of the Vulnerable Software and Affected Versions: Apache Ivy versions prior to 2.5.2 Description: The issue is related to improper restriction of XML external entity references, which can lead to XML injection, also known as blind XPath injection. When Apache Ivy parses XML files, it allows...

8.8CVSS7.9AI score0.01855EPSS
Exploits0References32
Rows per page
Query Builder