Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37959

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS6AI score0.17673EPSS
Exploits2References26
RedHat Linux
RedHat Linux
added 2024/11/25 12:12 a.m.2 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.8 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.9 views

PT-2024-30377 · Mycred · Mycred

Name of the Vulnerable Software and Affected Versions: myCred versions 2.6.x through 2.7.2 Description: The issue is related to a Missing Authorization vulnerability in myCred. This vulnerability may expose sensitive data. Users are urged to upgrade to mitigate the risk. Recommendations: For...

5.3CVSS6.6AI score0.00265EPSS
Exploits0References6
OSV
OSV
added 2023/11/12 3:30 p.m.3 views

GHSA-HM9R-7F84-25C9 Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes

Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc. Users should upgrade to...

5.3CVSS5.9AI score0.01497EPSS
Exploits0References8
PyPA
PyPA
added 2023/11/12 2:15 p.m.7 views

PYSEC-2023-232

We failed to applyCVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then.Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them...

4.3CVSS6.7AI score0.01497EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/12 12:0 a.m.6 views

PT-2023-6909 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.7.3 Description: The issue is related to insufficient protection of internal data in Apache Airflow, allowing an authorized user with limited access to read specific DAGs to also read information about task...

7.1CVSS6AI score0.01657EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.4 views

SUSE CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS8.1AI score0.17673EPSS
Exploits2References21
RedHat Linux
RedHat Linux
added 2022/07/27 1:22 p.m.6 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/07/26 6:26 p.m.4 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
OSV
OSV
added 2022/07/19 6:15 p.m.2 views

UBUNTU-CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS6.9AI score0.17673EPSS
Exploits2References9
Rows per page
Query Builder