Filtered by vendor Apache
Subscribe
Total
2616 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8027 | 1 Apache | 1 Camel | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor. | |||||
| CVE-2018-8038 | 1 Apache | 1 Cxf Fediz | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters. | |||||
| CVE-2019-0197 | 6 Apache, Canonical, Fedoraproject and 3 more | 12 Http Server, Ubuntu Linux, Fedora and 9 more | 2023-11-07 | 4.9 MEDIUM | 4.2 MEDIUM |
| A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set "H2Upgrade on" are unaffected by this issue. | |||||
| CVE-2019-0195 | 1 Apache | 1 Tapestry | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbol could be used to craft a Java deserialization attack, thus running malicious injected Java code. The vector would be the t:formdata parameter from the Form component. | |||||
| CVE-2018-20244 | 1 Apache | 1 Airflow | 2023-11-07 | 3.5 LOW | 5.5 MEDIUM |
| In Apache Airflow before 1.10.2, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. | |||||
| CVE-2018-21234 | 2 Apache, Jodd | 2 Hive, Jodd | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set. | |||||
| CVE-2018-20245 | 1 Apache | 1 Airflow | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking. | |||||
| CVE-2018-20242 | 1 Apache | 1 Jspwiki | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking. | |||||
| CVE-2018-1324 | 2 Apache, Oracle | 3 Commons Compress, Mysql Cluster, Weblogic Server | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. | |||||
| CVE-2018-1328 | 1 Apache | 1 Zeppelin | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph". | |||||
| CVE-2018-1333 | 4 Apache, Canonical, Netapp and 1 more | 6 Http Server, Ubuntu Linux, Cloud Backup and 3 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33). | |||||
| CVE-2018-1312 | 5 Apache, Canonical, Debian and 2 more | 14 Http Server, Ubuntu Linux, Debian Linux and 11 more | 2023-11-07 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection. | |||||
| CVE-2018-1334 | 1 Apache | 1 Spark | 2023-11-07 | 1.9 LOW | 4.7 MEDIUM |
| In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. | |||||
| CVE-2018-1308 | 2 Apache, Debian | 2 Solr, Debian Linux | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. | |||||
| CVE-2018-1320 | 4 Apache, Debian, F5 and 1 more | 5 Thrift, Debian Linux, Traffix Signaling Delivery Controller and 2 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. | |||||
| CVE-2018-1285 | 4 Apache, Fedoraproject, Netapp and 1 more | 7 Log4net, Fedora, Manageability Software Development Kit and 4 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files. | |||||
| CVE-2018-1290 | 1 Apache | 1 Fineract | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, Using a single quotation escape with two continuous SQL parameters can cause a SQL injection. This could be done in Methods like retrieveAuditEntries of AuditsApiResource Class and retrieveCommands of MakercheckersApiResource Class. | |||||
| CVE-2018-1283 | 5 Apache, Canonical, Debian and 2 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2023-11-07 | 3.5 LOW | 5.3 MEDIUM |
| In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. | |||||
| CVE-2018-1315 | 1 Apache | 1 Hive | 2023-11-07 | 4.3 MEDIUM | 3.7 LOW |
| In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from. This is because FTP client code in HPL/SQL does not verify the destination location of the downloaded file. This does not affect hive cli user and hiveserver2 user as hplsql is a separate command line script and needs to be invoked differently. | |||||
| CVE-2018-1289 | 1 Apache | 1 Fineract | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' and 'sortOrder' which are appended directly with SQL statements. A hacker/user can inject/draft the 'orderBy' and 'sortOrder' query parameter in such a way to read/update the data for which he doesn't have authorization. | |||||