CVE-2022-41852 is a vulnerability in Apache Commons Jxpath
Published on October 6, 2022
Products Associated with CVE-2022-41852
Want to know whenever a new CVE is published for Apache Commons Jxpath? stack.watch will email you.
Vulnerable Packages
The following package name and versions may be associated with CVE-2022-41852
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| maven | pl.allegro.tech.hermes:hermes-management | < 2.2.9 | 2.2.9 |
| maven | org.geoserver:gs-wms | < 2.23.6 | 2.23.6 |
| maven | org.geoserver:gs-wfs | < 2.23.6 | 2.23.6 |
| maven | org.geoserver.web:gs-web-app | < 2.23.6 | 2.23.6 |
| maven | org.geoserver:gs-wms | >= 2.25.0, < 2.25.2 | 2.25.2 |
| maven | org.geoserver:gs-wfs | >= 2.25.0, < 2.25.2 | 2.25.2 |
| maven | org.geoserver.web:gs-web-app | >= 2.25.0, < 2.25.2 | 2.25.2 |
| maven | org.geoserver:gs-wms | >= 2.24.0, < 2.24.4 | 2.24.4 |
| maven | org.geoserver:gs-wfs | >= 2.24.0, < 2.24.4 | 2.24.4 |
| maven | org.geoserver.web:gs-web-app | >= 2.24.0, < 2.24.4 | 2.24.4 |
Exploit Probability
EPSS
0.05%
Percentile
21.81%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.