Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0372

Malware in sbrugna...

9CVSS8.6AI score0.05175EPSS
Exploits1References9
OSV
OSV
added 2020/04/10 6:42 p.m.2 views

GHSA-8JPX-M2WH-2V34 Remote Code Execution (RCE) vulnerability in dropwizard-validation

Summary A server-side template injection was identified in the self-validating @SelfValidating feature of dropwizard-validation enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution RCE vulnerability. If you're using a self-validating bean via @SelfValidatin...

8CVSS7.3AI score0.05175EPSS
Exploits1References8
Cvelist
Cvelist
added 2020/04/10 6:35 p.m.48 views

CVE-2020-11002 Remote Code Execution (RCE) vulnerability in dropwizard-validation

dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was identified in the self-validating feature enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution RCE vulnerability. If you a...

8CVSS9.3AI score0.05175EPSS
Exploits1References7
NVD
NVD
added 2020/02/24 6:15 p.m.50 views

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

9CVSS8.6AI score0.0281EPSS
Exploits1References8
OSV
OSV
added 2020/02/24 6:15 p.m.32 views

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

8.8CVSS8.4AI score
Exploits0References8
Vulnrichment
Vulnrichment
added 2020/02/24 5:35 p.m.25 views

CVE-2020-5245 Remote Code Execution (RCE) vulnerability in dropwizard-validation

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

7.9CVSS7.7AI score0.0281EPSS
Exploits1References8
Cvelist
Cvelist
added 2020/02/24 5:35 p.m.52 views

CVE-2020-5245 Remote Code Execution (RCE) vulnerability in dropwizard-validation

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

7.9CVSS8.6AI score0.0281EPSS
Exploits1References8
OSV
OSV
added 2020/02/24 5:27 p.m.8 views

GHSA-3MCP-9WR4-CJQF Remote Code Execution (RCE) vulnerability in dropwizard-validation

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. Summary A server-side template injection...

7.9CVSS7.7AI score0.05175EPSS
Exploits2References11
Rows per page
Query Builder