CVE-2016-5002

EPSS 3.53% · P88 Updated Feb 14, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-5002

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache Archiva Apache XML-RPC库安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apache Archiva是美国阿帕奇（Apache）软件基金会的一套用于管理一个或多个远程存储的软件。该软件提供远程Repository代理、基于角色的安全访问管理和使用情况报告等功能。Apache XML-RPC（又名ws-xmlrpc）是其中的通过HTTP协议进行RPC通信的库。 Apache Archiva中的Apache XML-RPC库3.1.3版本中存在XML外部实体注入漏洞。远程攻击者可借助特制的DTD利用该漏洞实施服务器端请求伪造攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2016-5002

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2016-5002

请登录查看更多情报信息。

https://security.gentoo.org/glsa/202401-26
http://www.securityfocus.com/bid/91736vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036294vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3768vendor-advisoryx_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/115042vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2016/07/12/5mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2016-5002

Same Patch Batch · n/a · 2017-10-27 · 91 CVEs total

CVE-2017-5091		Google Chrome for Linux、Windows、Mac和Android IndexedDB 安全漏洞
CVE-2017-5088		Google Chrome for Linux、Windows、Mac和Android V8 输入验证错误漏洞
CVE-2017-5086		Google Chrome for Mac和Windows Omnibox 输入验证错误漏洞
CVE-2017-5083		Google Chrome for Linux、Windows、Mac和Android Blink 输入验证错误漏洞
CVE-2017-5082		Google Chrome for Android credit card autofill 信息泄露漏洞
CVE-2017-5081		Google Chrome for Linux、Windows、Mac和Android 输入验证错误漏洞
CVE-2017-5080		Google Chrome credit card autofill 安全漏洞
CVE-2017-5079		Google Chrome for Linux、Windows、Mac和Android Blink 输入验证错误漏洞
CVE-2017-5084		Google Chrome OS image-burner 信息泄露漏洞
CVE-2017-5090		Google Chrome for Mac Omnibox 安全漏洞
CVE-2017-5089		Google Chrome for Mac Omnibox 输入验证错误漏洞
CVE-2017-5092		Google Chrome for Windows PPAPI插件安全漏洞
CVE-2017-5093		Google Chrome for Linux、Windows、Mac和Android Blink 安全漏洞
CVE-2017-5094		Google Chrome for Linux、Windows、Mac和Android extensions 安全漏洞
CVE-2017-5095		Google Chrome for Mac、Windows和Linux PDFium 缓冲区错误漏洞
CVE-2017-5096		Google Chrome for Android 安全漏洞
CVE-2017-5097		Google Chrome for Linux Skia 安全漏洞
CVE-2017-5098		Google Chrome for Linux、Windows、Mac和Android V8 安全漏洞
CVE-2017-5099		Google Chrome for Mac PPAPI插件安全漏洞
CVE-2017-5100		Google Chrome for Windows Apps 安全漏洞

Showing top 20 of 91 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2016-5002

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2016-5002

I. Basic Information for CVE-2016-5002

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2016-5002

III. Intelligence Information for CVE-2016-5002

Same Patch Batch · n/a · 2017-10-27 · 91 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2016-5002

Leave a comment