Skip to main content

Nutch

2 CVEs product

Monthly

CVE-2021-23901 Maven CRITICAL PATCH Act Now

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache XXE Nutch Snap Creator Framework
NVD
CVSS 3.1
9.1
EPSS
4.4%
CVE-2016-6809 Maven CRITICAL PATCH Act Now

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Java Apache RCE Nutch +1
NVD
CVSS 3.1
9.8
EPSS
7.0%
EPSS 4% CVSS 9.1
CRITICAL PATCH Act Now

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache XXE Nutch +1
NVD
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Java Apache +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy