Astra Linux - уязвимость в axis

UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it might not have been obvious that using “ServiceFactory.getService” could allow for the use of potentially dangerous lookup mechanisms, such as LDAP. Passing untrusted input to this API method could expose the...

EUVD-2023-2587

Malicious code in bioql PyPI...

Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService

When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SS...

UBUNTU-CVE-2023-40743

UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose...

PT-2023-6524 · Apache +3 · Apache Axis +3

Name of the Vulnerable Software and Affected Versions: Apache Axis versions prior to 1.4 Description: The issue arises from insufficient input validation in the implementation of the Apache Axis web service platform, allowing potentially dangerous lookup mechanisms such as LDAP when looking up a...

Apache Axis 输入验证错误漏洞

Apache Axis is the United States Apache Apache Foundation of an open source , XML-based Web services architecture . The product contains a SOAP server implemented in Java and C++ languages , as well as a variety of utility services and APIs to generate and deploy Web services applications. Apache...