Vulnerabilities > Apache
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-20 | CVE-2019-10077 | Cross-site Scripting vulnerability in Apache Jspwiki A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. | 6.1 |
2019-05-20 | CVE-2019-10076 | Cross-site Scripting vulnerability in Apache Jspwiki A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. | 6.1 |
2019-05-09 | CVE-2019-0226 | Path Traversal vulnerability in Apache Karaf Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. | 4.9 |
2019-05-06 | CVE-2018-17202 | Infinite Loop vulnerability in Apache Commons Imaging 0.97 Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. | 7.5 |
2019-05-06 | CVE-2018-17201 | Unspecified vulnerability in Apache Commons Imaging 0.97 Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. | 7.5 |
2019-05-01 | CVE-2019-0227 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. | 7.5 |
2019-05-01 | CVE-2018-8035 | Cross-site Scripting vulnerability in Apache Uimaducc This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code. | 6.1 |
2019-04-30 | CVE-2019-0214 | Unspecified vulnerability in Apache Archiva In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. | 6.5 |
2019-04-30 | CVE-2019-0213 | Cross-site Scripting vulnerability in Apache Archiva In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. | 6.5 |
2019-04-30 | CVE-2019-0194 | Path Traversal vulnerability in Apache Camel Apache Camel's File is vulnerable to directory traversal. | 7.5 |