← volver
CVE-2022-40159

Stack Overflow in JXPath

EPSS 1.2%CWE-121
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
06 oct 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid.
Productos afectados
jxpath · jxpath

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →