21 matches found
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
EUVD-2018-0528
Malware in sbrugna...
EUVD-2022-5697
Malicious code in bioql PyPI...
GHSA-X3CR-X949-H5JV RDF4J vulnerable to zip slip
RDF4J prior to 2.5.0 allows Directory Traversal via ../ in an entry in a ZIP archive...
RDF4J vulnerable to zip slip
RDF4J prior to 2.5.0 allows Directory Traversal via ../ in an entry in a ZIP archive...
Directory Traversal
rdf4j-util is vulnerable to directory traversal. An attacker is able to overwrite arbitrary files using the characters ../ as an entry in a ZIP archive. The overwrite occurs during decompressing of the ZIP file...
CVE-2018-20227
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive...
CVE-2018-20227
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive...
Directory traversal
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive...
CVE-2018-20227
Summary of CVE-2018-20227 (RDF4J): RDF4J 2.4.2 is vulnerable to a directory traversal (zip slip) via a ../ path in an entry within a ZIP archive. The underlying issue is a path traversal flaw that could enable extraction of arbitrary files when decompressing ZIP entries. Affected version in publi...
CVE-2018-20227
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive...
PT-2018-15295 · Eclipse · Rdf4J
Name of the Vulnerable Software and Affected Versions: RDF4J versions 2.4.2 through 2.4.2 RDF4J versions prior to 2.5.0 Description: The issue allows Directory Traversal via ../ in an entry in a ZIP archive. Recommendations: For RDF4J version 2.4.2, update to version 2.5.0 or later. For RDF4J...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), com.franz:agraph-java-client (>=2.0.0 <=2.2.1) +61 more potentially affected by CVE-2018-1000644 via org.eclipse.rdf4j:rdf4j-runtime (>=1.0 <=2.4.0-M3)
org.eclipse.rdf4j:rdf4j-runtime MAVEN version =1.0, =0.3.0, =2.0.0, =8.0.0, =2.2.0, =1.2.0, =2.2.0, =4.6.0, =4.6.0, =4.3.0, =4.3.0, =4.3.0, =4.3.0, =4.5.0 and more Source cves: CVE-2018-1000644 Source advisory: OSV:GHSA-6XQ8-PVG4-3MF3...
Eclipse RDF4j vulnerable to XML External Entity
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
GHSA-6XQ8-PVG4-3MF3 Eclipse RDF4j vulnerable to XML External Entity
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
XML External Entity (XXE)
rdf4j-rio-trix is vulnerable to XML external entities XXE attacks. The library does not disable entities and document type declarations, allowing a malicious user to conduct an XXE injection attack...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
Xxe
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
CVE-2018-1000644
Known CVE-2018-1000644 affects Eclipse RDF4j