Apache
All CVEs
2,550 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-0203 | 0.00 | — | 0.03 | Sep 26, 2019 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server. |
| CVE-2018-11782 | 0.00 | — | 0.02 | Sep 26, 2019 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server. |
| CVE-2019-0207 | 0.00 | — | 0.03 | Sep 16, 2019 | Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so an attacker can perform a path traversal attack to read any files on Windows platform. |
| CVE-2019-10074 | 0.00 | — | 0.03 | Sep 11, 2019 | An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. This was the case for the Customer Request "story" input in the Order Manager application. Encoding should not be disabled without good… |
| CVE-2019-10073 | 0.00 | — | 0.05 | Sep 11, 2019 | The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616 |
| CVE-2018-17200 | 0.00 | — | 0.05 | Sep 11, 2019 | The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. This service takes the `serviceContent` parameter in the request and deserializes it using XStream. This `XStream`… |
| CVE-2019-12405 | 0.00 | — | 0.03 | Sep 9, 2019 | Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without… |
| CVE-2019-12402 | 0.00 | — | 0.16 | Aug 29, 2019 | The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by… |
| CVE-2019-12400 | 0.00 | — | 0.01 | Aug 23, 2019 | In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class… |
| CVE-2019-10086 | 0.00 | — | 0.29 | Aug 20, 2019 | In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the… |
| CVE-2019-9518 | 0.00 | — | 0.25 | Aug 13, 2019 | Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE.… |
| CVE-2019-10088 | 0.00 | — | 0.05 | Aug 2, 2019 | A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later. |
| CVE-2019-10094 | 0.00 | — | 0.02 | Aug 2, 2019 | A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later. |
| CVE-2019-10093 | 0.00 | — | 0.04 | Aug 2, 2019 | In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later. |
| CVE-2015-7559 | 0.00 | — | 0.02 | Aug 1, 2019 | It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. |
| CVE-2018-11772 | 0.00 | — | 0.01 | Jul 29, 2019 | Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is then used in an SQL statement. This allows for an SQL injection attack. Access to this portion of a VCL… |
| CVE-2018-11774 | 0.00 | — | 0.01 | Jul 29, 2019 | Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights.… |
| CVE-2018-11773 | 0.00 | — | 0.02 | Jul 29, 2019 | Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the PHP built-in function strtotime. This allows for an attack against the underlying implementation of that… |
| CVE-2018-11779 | 0.00 | — | 0.03 | Jul 25, 2019 | In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class. |
| CVE-2019-0202 | 0.00 | — | 0.02 | Jul 25, 2019 | The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these… |
| CVE-2019-0234 | 0.00 | — | 0.03 | Jul 15, 2019 | A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not properly sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to… |
| CVE-2018-17196 | 0.00 | — | 0.05 | Jul 11, 2019 | In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users… |
| CVE-2014-9699 | 0.00 | — | 0.01 | Jun 24, 2019 | The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server. |
| CVE-2019-10072 | 0.00 | — | 0.73 | Jun 21, 2019 | The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40. By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause… |
| CVE-2019-10085 | 0.00 | — | 0.05 | Jun 18, 2019 | In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page. |
| CVE-2019-0197 | 0.00 | — | 0.08 | Jun 11, 2019 | A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration… |
| CVE-2018-11801 | 0.00 | — | 0.05 | Jun 11, 2019 | SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table. |
| CVE-2018-11800 | 0.00 | — | 0.05 | Jun 11, 2019 | SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table. |
| CVE-2019-0188 | 0.00 | — | 0.08 | May 28, 2019 | Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed. |
| CVE-2018-17198 | 0.00 | — | 0.04 | May 28, 2019 | Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens… |
| CVE-2019-0201 | 0.00 | — | 0.10 | May 23, 2019 | An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when it retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string.… |
| CVE-2019-0226 | 0.00 | — | 0.02 | May 9, 2019 | Apache Karaf Config service provides an install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before… |
| CVE-2018-8035 | 0.00 | — | 0.05 | May 1, 2019 | This vulnerability relates to the user's browser processing of DUCC webpage input data. The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user… |
| CVE-2019-0214 | 0.00 | — | 0.05 | Apr 30, 2019 | In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file. |
| CVE-2019-0213 | 0.00 | — | 0.05 | Apr 30, 2019 | In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the… |
| CVE-2019-0223 | 0.00 | — | 0.06 | Apr 23, 2019 | While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with… |
| CVE-2018-1328 | 0.00 | — | 0.06 | Apr 23, 2019 | Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph". |
| CVE-2018-1317 | 0.00 | — | 0.05 | Apr 23, 2019 | In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication. |
| CVE-2017-12619 | 0.00 | — | 0.05 | Apr 23, 2019 | Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone". |
| CVE-2019-0218 | 0.00 | — | 0.05 | Apr 22, 2019 | A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface. |
| CVE-2019-0216 | 0.00 | — | 0.03 | Apr 10, 2019 | A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. |
| CVE-2019-0229 | 0.00 | — | 0.01 | Apr 10, 2019 | A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks. |
| CVE-2019-0215 | 0.00 | — | 0.11 | Apr 8, 2019 | In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. |
| CVE-2019-0222 | 0.00 | — | 0.12 | Mar 28, 2019 | In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling a corrupt MQTT frame can lead to a broker Out of Memory exception making it unresponsive. |
| CVE-2018-11789 | 0.00 | — | 0.07 | Mar 18, 2019 | When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. An example would be modifying the parameter path= to go to the directory you would like to view, i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd. |
| CVE-2018-11767 | 0.00 | — | 0.04 | Mar 18, 2019 | In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. |
| CVE-2018-11783 | 0.00 | — | 0.02 | Mar 7, 2019 | The sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to… |
| CVE-2019-0200 | 0.00 | — | 0.04 | Mar 6, 2019 | A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91… |
| CVE-2018-20244 | 0.00 | — | 0.02 | Feb 27, 2019 | In Apache Airflow before 1.10.2, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. |
| CVE-2019-5736 | 0.00 | — | 0.99 | Feb 11, 2019 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new… |
Page 44 of 51