UBUNTU-CVE-2019-0227

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2019-0227

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-0227.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-0227

Related

CVE-2019-0227

Published

2019-05-01T21:29:00Z

Modified

2024-10-15T14:06:47Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
7.5 (High) CVSS_V3 - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.

References

Affected packages

Ubuntu:Pro:16.04:LTS / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-22

1.4-23

1.4-24

1.4-24ubuntu0.1~esm1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:18.04:LTS / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-25

1.4-25ubuntu0.1~esm1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:20.04:LTS / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-28

1.4-28+deb10u1build0.20.04.1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:22.04:LTS / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-28

1.4-28+deb10u1build0.22.04.1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:24.10 / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-29

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:24.04:LTS / axis

Package

Name: axis
Purl: pkg:deb/ubuntu/axis?arch=src?distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4-28

1.4-29

Ecosystem specific

{
    "ubuntu_priority": "low"
}