RSS   Vulnerabilities for 'Rdf4j'   RSS

2018-12-19
 
CVE-2018-20227

CWE-22
 
 
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.

 
2018-08-20
 
CVE-2018-1000644

CWE-611
 
 
Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted RDF file.

 

 >>> Vendor: Eclipse 30 Products
Eclipse ide
BIRT
Jetty
Tinydtls
KURA
IDE
Mosquitto
Mojarra
Vert.x
Openj9
Rdf4j
Wakaama
Hawkbit
OMR
Paho java client
Vorto
CHE
Memory analyzer
Theia
Web tools platform
HONO
Californium
Jersey
Cyclone data distribution service
KETI
Paho mqtt c\/c\+\+ client
Lemminx
Cyclonedds
LYO
Equinox p2

Copyright 2024, cxsecurity.com

 

Back to Top