Vendor CVEs
Apache
All CVEs
2,550 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42403 | Hig | 0.49 | 7.5 | 0.01 | May 1, 2026 | Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause… | ||
| CVE-2026-42402 | Hig | 0.49 | 7.5 | 0.01 | May 1, 2026 | Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory… | ||
| CVE-2026-5088 | Hig | 0.49 | 7.5 | 0.01 | Apr 15, 2026 | Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are… | ||
| CVE-2026-39304 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2026 | Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger… | ||
| CVE-2018-11796 | Hig | 0.49 | 7.5 | 0.07 | Oct 9, 2018 | In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the documentation, removes the user-specified SecurityManager and thus removes entity… | ||
| CVE-2018-1310 | Hig | 0.49 | 7.5 | 0.03 | May 23, 2018 | Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache… | ||
| CVE-2018-8012 | Hig | 0.49 | 7.5 | 0.09 | May 21, 2018 | No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader. | ||
| CVE-2018-1294 | Hig | 0.49 | 7.5 | 0.03 | Mar 20, 2018 | If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated. Mitigation: Users should upgrade to… | ||
| CVE-2018-1316 | Hig | 0.49 | 7.5 | 0.03 | Mar 5, 2018 | The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion.… | ||
| CVE-2017-7671 | Hig | 0.49 | 7.5 | 0.02 | Feb 27, 2018 | There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump. | ||
| CVE-2018-1299 | Hig | 0.49 | 7.5 | 0.03 | Feb 6, 2018 | In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it… | ||
| CVE-2017-12632 | Hig | 0.49 | 7.5 | 0.03 | Jan 23, 2018 | A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade… | ||
| CVE-2012-3353 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR… | ||
| CVE-2014-0115 | Hig | 0.49 | 7.5 | 0.05 | Oct 30, 2017 | Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log. | ||
| CVE-2014-3526 | Hig | 0.49 | 7.5 | 0.02 | Oct 30, 2017 | Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions. | ||
| CVE-2010-2232 | Hig | 0.49 | 7.5 | 0.04 | Oct 23, 2017 | In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file. | ||
| CVE-2017-5635 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2017 | In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user. | ||
| CVE-2017-9793 | Hig | 0.49 | 7.5 | 0.07 | Sep 20, 2017 | The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload. | ||
| CVE-2017-9803 | Hig | 0.49 | 7.5 | 0.02 | Sep 18, 2017 | Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g.… | ||
| CVE-2017-3163 | Hig | 0.49 | 7.5 | 0.07 | Aug 30, 2017 | When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special… | ||
| CVE-2017-3154 | Hig | 0.49 | 7.5 | 0.02 | Aug 29, 2017 | Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information. | ||
| CVE-2016-8752 | Hig | 0.49 | 7.5 | 0.02 | Aug 29, 2017 | Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img. | ||
| CVE-2015-5209 | Hig | 0.49 | 7.5 | 0.09 | Aug 29, 2017 | Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object. | ||
| CVE-2012-0880 | Hig | 0.49 | 7.5 | 0.04 | Aug 8, 2017 | Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions. | ||
| CVE-2010-2245 | Hig | 0.49 | 7.4 | 0.12 | Aug 8, 2017 | XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document. | ||
| CVE-2017-9801 | Hig | 0.49 | 7.5 | 0.06 | Aug 7, 2017 | When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. | ||
| CVE-2017-7688 | Hig | 0.49 | 7.5 | 0.03 | Jul 17, 2017 | Apache OpenMeetings 1.0.0 updates user password in insecure manner. | ||
| CVE-2017-7684 | Hig | 0.49 | 7.5 | 0.03 | Jul 17, 2017 | Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server. | ||
| CVE-2017-7683 | Hig | 0.49 | 7.5 | 0.02 | Jul 17, 2017 | Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure. | ||
| CVE-2017-7680 | Hig | 0.49 | 7.5 | 0.02 | Jul 17, 2017 | Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains. | ||
| CVE-2017-5652 | Hig | 0.49 | 7.5 | 0.01 | Jul 10, 2017 | During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the… | ||
| CVE-2017-7660 | Hig | 0.49 | 7.5 | 0.06 | Jul 7, 2017 | Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe… | ||
| CVE-2017-7686 | Hig | 0.49 | 7.5 | 0.03 | Jun 28, 2017 | Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run)… | ||
| CVE-2017-7667 | Hig | 0.49 | 7.5 | 0.01 | Jun 12, 2017 | Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin. | ||
| CVE-2017-7669 | Hig | 0.49 | 7.5 | 0.02 | Jun 5, 2017 | In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root. | ||
| CVE-2016-3083 | Hig | 0.49 | 7.5 | 0.01 | May 30, 2017 | Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be… | ||
| CVE-2016-8741 | Hig | 0.49 | 7.5 | 0.06 | May 15, 2017 | The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in… | ||
| CVE-2017-5654 | Hig | 0.49 | 7.5 | 0.02 | May 12, 2017 | In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes. | ||
| CVE-2017-5659 | Hig | 0.49 | 7.5 | 0.03 | Apr 17, 2017 | Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding. | ||
| CVE-2016-5396 | Hig | 0.49 | 7.5 | 0.03 | Apr 17, 2017 | Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack. | ||
| CVE-2017-5649 | Hig | 0.49 | 7.5 | 0.03 | Apr 4, 2017 | Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes… | ||
| CVE-2017-6056 | Hig | 0.49 | 7.5 | 0.07 | Feb 17, 2017 | It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not… | ||
| CVE-2016-6497 | Hig | 0.49 | 7.5 | 0.06 | Jan 18, 2017 | main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods. | ||
| CVE-2016-4974 | Hig | 0.49 | 7.5 | 0.06 | Jul 13, 2016 | Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary… | ||
| CVE-2016-2164 | Hig | 0.49 | 7.5 | 0.07 | Apr 11, 2016 | The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Apache OpenMeetings before 3.1.1 improperly use the Java URL class without checking the specified protocol handler, which allows remote attackers to read arbitrary files by… | ||
| CVE-2016-0783 | Hig | 0.49 | 7.5 | 0.07 | Apr 11, 2016 | The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time. | ||
| CVE-2009-1955 | Hig | 0.49 | 7.5 | 0.53 | Jun 8, 2009 | The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document… | ||
| CVE-2026-50631 | Hig | 0.48 | 7.4 | 0.00 | Jun 12, 2026 | A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by… | ||
| CVE-2018-8020 | Hig | 0.48 | 7.4 | 0.04 | Jul 31, 2018 | Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users… | ||
| CVE-2018-8019 | Hig | 0.48 | 7.4 | 0.04 | Jul 31, 2018 | When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked… |
- risk 0.49cvss 7.5epss 0.01
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause…
- risk 0.49cvss 7.5epss 0.01
Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory…
- risk 0.49cvss 7.5epss 0.01
Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are…
- risk 0.49cvss 7.5epss 0.01
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger…
- risk 0.49cvss 7.5epss 0.07
In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the documentation, removes the user-specified SecurityManager and thus removes entity…
- risk 0.49cvss 7.5epss 0.03
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache…
- risk 0.49cvss 7.5epss 0.09
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.
- risk 0.49cvss 7.5epss 0.03
If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated. Mitigation: Users should upgrade to…
- risk 0.49cvss 7.5epss 0.03
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion.…
- risk 0.49cvss 7.5epss 0.02
There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.
- risk 0.49cvss 7.5epss 0.03
In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it…
- risk 0.49cvss 7.5epss 0.03
A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade…
- risk 0.49cvss 7.5epss 0.03
The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR…
- risk 0.49cvss 7.5epss 0.05
Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log.
- risk 0.49cvss 7.5epss 0.02
Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.
- risk 0.49cvss 7.5epss 0.04
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.
- risk 0.49cvss 7.5epss 0.03
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
- risk 0.49cvss 7.5epss 0.07
The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.
- risk 0.49cvss 7.5epss 0.02
Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g.…
- risk 0.49cvss 7.5epss 0.07
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special…
- risk 0.49cvss 7.5epss 0.02
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.
- risk 0.49cvss 7.5epss 0.02
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.
- risk 0.49cvss 7.5epss 0.09
Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.
- risk 0.49cvss 7.5epss 0.04
Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.
- risk 0.49cvss 7.4epss 0.12
XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document.
- risk 0.49cvss 7.5epss 0.06
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.
- risk 0.49cvss 7.5epss 0.03
Apache OpenMeetings 1.0.0 updates user password in insecure manner.
- risk 0.49cvss 7.5epss 0.03
Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.
- risk 0.49cvss 7.5epss 0.02
Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.
- risk 0.49cvss 7.5epss 0.02
Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains.
- risk 0.49cvss 7.5epss 0.01
During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the…
- risk 0.49cvss 7.5epss 0.06
Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe…
- risk 0.49cvss 7.5epss 0.03
Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run)…
- risk 0.49cvss 7.5epss 0.01
Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.
- risk 0.49cvss 7.5epss 0.02
In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root.
- risk 0.49cvss 7.5epss 0.01
Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be…
- risk 0.49cvss 7.5epss 0.06
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in…
- risk 0.49cvss 7.5epss 0.02
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
- risk 0.49cvss 7.5epss 0.03
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.
- risk 0.49cvss 7.5epss 0.03
Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.
- risk 0.49cvss 7.5epss 0.03
Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes…
- risk 0.49cvss 7.5epss 0.07
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not…
- risk 0.49cvss 7.5epss 0.06
main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods.
- risk 0.49cvss 7.5epss 0.06
Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary…
- risk 0.49cvss 7.5epss 0.07
The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Apache OpenMeetings before 3.1.1 improperly use the Java URL class without checking the specified protocol handler, which allows remote attackers to read arbitrary files by…
- risk 0.49cvss 7.5epss 0.07
The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time.
- risk 0.49cvss 7.5epss 0.53
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document…
- risk 0.48cvss 7.4epss 0.00
A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by…
- risk 0.48cvss 7.4epss 0.04
Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users…
- risk 0.48cvss 7.4epss 0.04
When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked…
Page 7 of 51