Techsmith snagit 10.0.2 build 2111/14/2022 In Apache Calcite prior to version 1.32.0 the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, which makes them vulnerable to a potential XML External Entity (XXE) attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. It is unknown whether previous versions are also affected. This issue affects Apache SOAP version 2.2 and later versions. ** UNSUPPORTED WHEN ASSIGNED ** An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.Īn issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. Exploitation of this issue does not require user interaction.Īn issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. TECHSMITH SNAGIT 10.0.2 BUILD 21 UPDATEAdobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary file system read.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |