CVE-2019-17634
The CVE-2019-17634 entry applies to Eclipse Memory Analyzer 1.9.1 and earlier, where an XSS vulnerability exists when generating an HTML report from a malicious heap dump. The issue can be triggered if a user downloads or opens a crafted heap dump and generates a report, either in the GUI or in b...
CVE-2019-17635
CVE-2019-17635 affects Eclipse Memory Analyzer up to version 1.9.1. The issue is a deserialization vulnerability triggered when an index file from a parsed heap dump is replaced by a malicious version and the user reopens the heap dump with the untrusted index. Also affected are local configurati...
CVE-2023-6194
CVE-2023-6194 affects Eclipse Memory Analyzer (versions 0.7 to 1.14.0). The issue arises because report definition XML files do not filter references to external entities in DTDs, allowing a malicious report file to cause the tool to access external files or URLs defined via a DTD when generating...