Arbitrary Code Execution

🗓️ 14 Oct 2022 18:57:11Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 62 Views

Apache Commons Text Arbitrary Code Executio

Reporter	Title	Published	Views	Family All 246
GithubExploit	Exploit for Code Injection in Apache Commons_Text	9 Sep 202312:11	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	27 Jun 202308:29	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	4 Nov 202219:26	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	9 Sep 202312:11	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	20 Oct 202218:07	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	24 Mar 202515:58	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	22 Oct 202202:06	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	19 Oct 202222:56	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	18 Oct 202213:53	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Commons_Text	5 Nov 202207:32	–	githubexploit

Vulners

Node

apache commons-textRange1.5–1.9java

candlepinproject candlepinMatch4.1.13_1.el8sat

candlepinproject candlepinMatch4.1.14_1.el8sat

candlepinproject candlepinMatch4.1.15_1.el8sat

candlepinproject candlepinMatch4.1.19_1.el8sat

candlepinproject candlepinMatch4.1.19_2.el8sat

candlepinproject candlepinMatch4.1.20_1.el8sat

jenkins jenkinsMatch2.303.3.1637596565_1.el8

jenkins jenkinsMatch2.277.3.1620985335_1.el8

jenkins jenkinsMatch2.361.1.1675406172_1.el8

jenkins jenkinsMatch2.289.3.1630554997_1.el8

jenkins jenkinsMatch2.387.1.1680701869_1.el8

jenkins jenkinsMatch2.361.4.1676950267_1.el8

jenkins jenkinsMatch2.346.1.1667459710_1.el8

jenkins jenkinsMatch2.361.1.1672840472_1.el8

jenkins jenkinsMatch2.346.3.1663600263_1.el8

jenkins jenkinsMatch2.361.1.1669892772_1.el8

jenkins jenkinsMatch2.319.2.1643882372_1.el8

jenkins jenkinsMatch2.303.3.1637597493_1.el8

jenkins jenkinsMatch2.319.3.1651752848_1.el8

jenkins jenkinsMatch2.319.2.1643391771_1.el8

jenkins jenkinsMatch2.319.3.1650888800_1.el8

jenkins jenkinsMatch2.361.1.1666855583_1.el8

jenkins jenkinsMatch2.289.2.1628252553_1.el8

jenkins jenkinsMatch2.346.3.1661877467_3.el8

jenkins jenkinsMatch2.263.3.1612434510_1.el8

jenkins jenkinsMatch2.289.1.1624020353_1.el8

jenkins jenkinsMatch2.361.4.1680068660_1.el8

jenkins jenkinsMatch2.289.2.1629437819_1.el8

jenkins jenkinsMatch2.263.3.1617950728_1.el8

jenkins jenkinsMatch2.361.4.1675935280_1.el8

jenkins jenkinsMatch2.289.3.1633554819_1.el8

jenkins jenkinsMatch2.319.2.1643288987_1.el8

jenkins jenkinsMatch2.303.3.1637597018_1.el8

jenkins jenkinsMatch2.303.3.1637595827_1.el8

jenkins jenkinsMatch2.387.1.1681718871_1.el8

jenkins jenkinsMatch2.263.3.1623239705_1.el8

jenkins jenkinsMatch2.319.2.1643648617_1.el8

jenkins jenkinsMatch2.277.3.1623853726_1.el8

jenkins jenkinsMatch2.361.4.1675702346_3.el8

jenkins jenkinsMatch2.361.1.1675668150_1.el8

jenkins jenkinsMatch2.346.3.1663082117_3.el8

jenkins jenkinsMatch2.319.2.1643964085_1.el8

jenkins jenkinsMatch2.263.3.1612449007_1.el8

jenkins jenkinsMatch2.235.5.1600670743_1.el8

jenkins jenkinsMatch2.346.3.1663151230_1.el8

jenkins jenkinsMatch2.277.3.1620393611_1.el8

jenkins jenkinsMatch2.387.1.1683009763_3.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1671706212_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1611636915_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.12.1675702407_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1661877421_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1648800585_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1641573626_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1650364520_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1624022417_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1623162648_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1644822177_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1601368321_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1667207005_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1651754460_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1605620903_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1630555871_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1643883495_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675936179_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1663082208_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1674644684_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1669894222_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1667388055_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1663147786_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1647580879_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1617886678_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1652967082_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1642609156_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1629443573_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1646993358_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1667460322_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1609853716_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675144701_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1681719745_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1641470084_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1643649345_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1637602169_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1621361158_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1672842762_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675407676_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1637598812_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1642420115_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1633555500_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1663599478_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1642607680_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1637599935_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1643389956_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1650890594_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1642418992_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1616671397_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1612257979_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1676951056_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1647505461_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1648739557_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1643965689_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1675668922_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1637600997_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1653312933_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1643404185_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.12.1683009955_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1685679861_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1686831822_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1684982411_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1687341544_1.el8

Source	Link
github	www.github.com/apache/commons-text/commit/b9b40b903e2d1f9935039803c9852439576780ea
seclists	www.seclists.org/fulldisclosure/2023/Feb/3
lists	www.lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
security	www.security.gentoo.org/glsa/202301-05
packetstormsecurity	www.packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html
packetstormsecurity	www.packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html
psirt	www.psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022
security	www.security.netapp.com/advisory/ntap-20221020-0004/
openwall	www.openwall.com/lists/oss-security/2022/10/13/4
openwall	www.openwall.com/lists/oss-security/2022/10/18/1

19 Jan 2024 17:27Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.8

EPSS0.99931

SSVC