Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

VulnCheck KEV
VulnCheck KEVadded 2023/01/12 12:0 a.m.0 views

VulnCheck KEV: CVE-2022-42889

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the...

9.8CVSS6.9AI score0.94251EPSS
Exploits41References1
Gentoo Linux
Gentoo Linuxadded 2023/01/11 12:0 a.m.55 views

Apache Commons Text: Arbitrary Code Execution

Background Apache Commons Text is a library focused on algorithms working on strings. Description Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to...

9.8CVSS3.5AI score0.94251EPSS
Exploits41
CVE
CVEadded 2022/10/13 12:0 a.m.1050 views

CVE-2022-42889

CVE-2022-42889 affects Apache Commons Text 1.5–1.9 where default interpolation lookups (script, dns, url) can trigger arbitrary code execution or remote access when untrusted values are used. The vulnerability can lead to remote code execution or unintended contact with remote servers via the Str...

9.8CVSS10AI score0.94251EPSS
Exploits41References9Affected Software1
Rows per page
Query Builder