![]() ![]() This affects the downstream GeoServer project Versions prior to 1.1.22 Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. Qualys ID 730744 Vendor Reference GHSA-v92f-j圆p-73rx CVE Reference CVE-2022-24816 CVSS Scores Base 9.8 / Temporal 9.1 Description JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Published vulnerabilities by signing up for a Non-Qualys customers can audit their network for all We have published the detection on the date indicated,Īnd it will typically be available in the KnowledgeBase We are coding a detection and will typically publish it We are researching a detection and will publish one if Please reach out to Qualys Support for status of such support cases. Specific CVE feature requests filed via a Qualys Support case may or may not show up on this page. It may not show all the CVEs that are actively being investigated. Visibility into upcoming and new detections (QIDs) for allĭisclaimer: The Vulnerability Detection Pipeline is intended to give users an early insight into some of the CVEs the Qualys Research Team is investigating. Browse, filter by detection status, or search by CVE to get
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |