Skip to main content

Nablarch

2 CVEs product

Monthly

CVE-2019-5919 Maven CRITICAL PATCH Act Now

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nablarch
NVD
CVSS 3.0
9.1
EPSS
1.0%
CVE-2019-5918 CRITICAL Act Now

Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Nablarch
NVD
CVSS 3.0
9.1
EPSS
1.9%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nablarch
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Nablarch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy