Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both “${}” and “%{}” sequences, which causes the OGNL code to be evaluated twice.
References
https://nvd.nist.gov/v…
Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the n…
Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
Refe…
RDF4J prior to 2.5.0 allows Directory Traversal via ../ in an entry in a ZIP archive.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-20227
https://github.com/eclipse/rdf4j/issues/1210
https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8…
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attack…
Apache Solr’s Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider…
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-6346
https://bugzilla.redhat.com/show_bug.cgi?id=1372120
http://www.securityfocu…
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification.
References
https://nvd.nist.gov/vuln/detail/CVE-2017-1000244
https://jenkins.io/security/advisory/2017-06-06/
https://github.com/advisories/GHSA-jqwh…
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a us…
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to “manipulate” the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exis…
