Описание
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.2 High
CVSS3
6.4 Medium
CVSS2
Дефекты
Связанные уязвимости
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-sid ...
Server-side request forgery (SSRF) in Apache XmlGraphics Commons
EPSS
8.2 High
CVSS3
6.4 Medium
CVSS2