Filtered by vendor Apache
Subscriptions
Filtered by product Xml-rpc
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17570 | 5 Apache, Canonical, Debian and 2 more | 8 Xml-rpc, Ubuntu Linux, Debian Linux and 5 more | 2024-11-21 | 9.8 Critical |
| An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. | ||||
| CVE-2016-5002 | 2 Apache, Redhat | 2 Xml-rpc, Jboss Fuse | 2024-11-21 | N/A |
| XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD. | ||||
Page 1 of 1.