Apache Commons Text is a library focused on string algorithms from the Apache Foundation, U.S. A remote code execution vulnerability exists in Apache Commons Text versions 1.5 through 1.9, which is caused by an insecure interpolation default flaw. An attacker could exploit this vulnerability to execute arbitrary code on the system.

CPENameOperatorVersion
apache apache common text >=1.5，le1.9

CPE	Name	Operator	Version
	apache apache common text >=1.5，	le	1.9

ubuntucve 1

debiancve 1

githubexploit 37

github 1

qualysblog 4

atlassian 5

paloalto 1

ibm 33

openvas 1

nvd 1

metasploit 1

cve 1

f5 1

malwarebytes 1

nessus 27

rapid7blog 3

veracode 1

wallarmlab 2

prion 1

zdt 1

osv 2

cvelist 1

redhatcve 1

gentoo 1

redos 1

redhat 27

impervablog 1

checkpoint_advisories 1

packetstorm 1

wordfence 1

thn 1

fortinet 1

hp 1

trellix 2

rocky 1

oracle 4

ubuntucve

CVE-2022-42889

2022-10-13 00:00:00

debiancve

CVE-2022-42889

2022-10-13 13:15:10

githubexploit

Exploit for Code Injection in Apache Commons Text

2022-10-17 18:33:58

Exploit for Code Injection in Apache Commons Text

2022-10-22 02:06:40

Exploit for Code Injection in Apache Commons Text

2022-11-04 19:26:23

github

Arbitrary code execution in Apache Commons Text

2022-10-13 19:00:17

qualysblog

CVE-2022-42889: Detect Text4Shell via Qualys Container Security

2022-10-25 21:55:05

Text4Shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform

2022-10-27 17:59:44

The January 2023 Oracle Critical Patch Update

2023-01-18 00:43:03

atlassian

Upgrade Apache Commons-text for CVE-2022-42889

2022-11-10 17:03:03

Upgrade OpenSearch to 1.3.7 to mitigate CVE-2022-42889

2022-12-06 23:56:26

Upgrade Apache Commons-text for CVE-2022-42889

2022-11-07 20:21:30

paloalto

Impact of Apache Text Commons Vulnerability CVE-2022-42889

2022-11-09 17:00:00

ibm

Security Bulletin: IBM Sterling Control Center is vulnerable to remote attack due to Apache Commons Text [CVE-2022-42889]

2022-11-30 14:32:45

Security Bulletin: IBM InfoSphere Information Server is affected by a remote code execution vulnerability in Apache Commons Text (CVE-2022-42889)

2023-05-17 02:29:34

Security Bulletin: IBM Spectrum Conductor is vulnerable to arbitrary code execution [CVE-2022-42889]

2023-01-19 11:52:46

openvas

Apache Commons Text 1.5 - 1.9 RCE Vulnerability (Text4Shell)

2022-11-25 00:00:00

nvd

CVE-2022-42889

2022-10-13 13:15:10

metasploit

Apache Commons Text RCE

2023-12-24 19:13:50

cve

CVE-2022-42889

2022-10-13 13:15:10

K24823443 : Apache Commons Text vulnerability CVE-2022-42889

2022-10-19 00:00:00

malwarebytes

Why Log4Text is not another Log4Shell

2022-10-19 19:00:00

nessus

Apache Commons Text 1.5.x < 1.10.0 Remote Code Execution (CVE-2022-42889)

2022-10-19 00:00:00

Oracle Enterprise Manager Agent (January 2023 CPU)

2024-04-02 00:00:00

RHCOS 4 : OpenShift Container Platform 4.9.59 (RHSA-2023:1524)

2024-01-24 00:00:00

rapid7blog

CVE-2022-42889: Keep Calm and Stop Saying "4Shell"

2022-10-17 20:36:16

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

2022-11-04 13:00:00

Metasploit Weekly Wrap-Up 01/26/24

2024-01-26 21:12:17

veracode

Arbitrary Code Execution

2022-10-14 18:57:11

wallarmlab

New text2shell RCE vulnerability in Apache Common Texts CVE-2022-42889

2022-10-18 05:02:38

Q4-2022 API ThreatStats™ Report

2023-02-22 16:02:55

prion

Design/Logic Flaw

2022-10-13 13:15:00

zdt

Apache Commons Text 1.9 Remote Code Execution Exploit

2024-01-21 00:00:00

osv

CVE-2022-42889

2022-10-13 13:15:10

Arbitrary code execution in Apache Commons Text

2022-10-13 19:00:17

cvelist

CVE-2022-42889 Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults

2022-10-13 00:00:00

redhatcve

CVE-2022-42889

2022-10-17 16:42:02

gentoo

Apache Commons Text: Arbitrary Code Execution

2023-01-11 00:00:00

redos

ROS-20230922-01

2023-09-22 00:00:00

redhat

(RHSA-2023:1524) Critical: OpenShift Container Platform 4.9.59 security update

2023-04-05 23:19:11

(RHSA-2022:8902) Moderate: Red Hat Camel for Spring Boot 3.18.3 release and security update

2022-12-08 13:23:48

(RHSA-2023:1866) Moderate: OpenShift Container Platform 4.10.58 security update

2023-04-26 05:27:47

impervablog

Apache Commons Text vulnerability CVE-2022-42889

2022-10-18 18:30:39

checkpoint_advisories

Apache Commons Text Remote Code Execution (CVE-2022-42889)

2022-10-18 00:00:00

packetstorm

Apache Commons Text 1.9 Remote Code Execution

2024-01-19 00:00:00

wordfence

Threat Advisory: Monitoring CVE-2022-42889 “Text4Shell” Exploit Attempts

2022-10-20 18:40:50

thn

Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability

2022-10-21 11:03:00

fortinet

Apache commons_text(CVE-2022-42889) and commons_configuration (CVE-2022-33980) vulnerability

2022-10-28 00:00:00

Apache Text4Shell and others update for Teradici Cloud Access Connector

2022-12-15 00:00:00

trellix

The Bug Report October 2022 Edition

2022-11-02 00:00:00

The Bug Report October 2022 Edition

2022-11-02 00:00:00

rocky

Satellite 6.13 Release

2023-05-05 15:39:58

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.972 High

EPSS

Percentile

99.8%

JSON

Related for CNVD-2022-73686