Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2022-45378
- EPSS 8.86%
- Published 14.11.2022 14:15:10
- Last modified 21.11.2024 07:29:08
In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the classpath that meet certain criteria. Depending on what classes are available on the...
7.5
CVE-2022-40705
- EPSS 0.1%
- Published 22.09.2022 09:15:09
- Last modified 21.11.2024 07:21:53
An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previ...
1