This may lead to denial of service or potentially remote code execution.
To fix this problem, update your php installations to version 7.1.9 or higher.
If you are using an outdated version of php, you can update it by following these instructions.
CVE-2018-6555: Apache Commons CCM (Apache Commons Collections Meetings) before version 1.5.0, as used in Apache Couchbase and Apache Solr, allows remote attackers to execute arbitrary commands on Couchbase Server or Solr due to a command injection vulnerability via the CCM_url parameter in a meeting request.
CVE-2018-6533: In XWork 2.0 and earlier, a remote code execution vulnerability exists due to the way XWork handles certain HTTP requests.
CVE-2018-6521: A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
CVE-2018-6520: A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
CVE-2018-6519: A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
CVE-2018-6518: A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
CVE-2018-6517: A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
CVE-2018-6516:
XWork 2.0 and earlier
A remote code execution vulnerability exists due to the way XWork handles certain XML requests.
If you are using an outdated version of XWork, update it by following these instructions.
^^
This is a listing of CVEs, each with its own number.
The following are the top 10 vulnerabilities that have been identified by Symantec in 2018. To see the complete list, visit https://www.symantec.com/security-center/threat-report-database/2018.
Timeline
Published on: 09/14/2022 11:15:00 UTC
Last modified on: 09/25/2022 10:15:00 UTC