exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2013-7285

больше 6 лет назад

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

CVSS3: 9.8

EPSS: Средний

CVE-2013-7285

около 12 лет назад

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

CVSS2: 6.8

EPSS: Средний

CVE-2013-7285

больше 6 лет назад

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

CVSS3: 9.8

EPSS: Средний

CVE-2013-7285

больше 6 лет назад

Xstream API versions up to 1.4.6 and version 1.4.10, if the security f ...

CVSS3: 9.8

EPSS: Средний

GHSA-f554-x222-wgf7

больше 6 лет назад

Command Injection in Xstream

CVSS3: 9.8

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-7285 Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.	CVSS3: 9.8	15% Средний	больше 6 лет назад
CVE-2013-7285 Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.	CVSS2: 6.8	15% Средний	около 12 лет назад
CVE-2013-7285 Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.	CVSS3: 9.8	15% Средний	больше 6 лет назад
CVE-2013-7285 Xstream API versions up to 1.4.6 and version 1.4.10, if the security f ...	CVSS3: 9.8	15% Средний	больше 6 лет назад
GHSA-f554-x222-wgf7 Command Injection in Xstream	CVSS3: 9.8	15% Средний	больше 6 лет назад

Уязвимостей на страницу