Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheKaraf

3 matches found

CVE
CVEadded 2022/01/26 11:15 a.m.125 views

CVE-2022-22932

Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the entry is set by user. This has been fixed in revision: https://gitbox.apache.org/repos/asf?p=karaf...

5.3CVSS5.5AI score0.00682EPSS
CVE
CVEadded 2019/05/09 2:29 p.m.74 views

CVE-2019-0226

Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. Use...

5.5CVSS4.9AI score0.017EPSS
CVE
CVEadded 2017/11/15 6:29 p.m.50 views

CVE-2014-0219

Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.

5.5CVSS5.4AI score0.00081EPSS