Vulnerabilities > Softwareag > Quartz > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-28 CVE-2023-39017 Code Injection vulnerability in Softwareag Quartz
quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute.
network
low complexity
softwareag CWE-94
critical
 9.8
9.8
2019-07-26 CVE-2019-13990 XXE vulnerability in multiple products
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
network
low complexity
softwareag oracle apache netapp atlassian CWE-611
critical
 9.8
9.8