VDB

CVE-2019-0227

CVE-2019-0227 PUBLISHED

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.

EPSS 89.88% · 99.6th percentile

Risk Scores

EPSS Score
89.88%
99.6th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSaxis0, 1.4-28, 1.4-29
Ubuntu:Pro:16.04:LTSaxis1.4-24ubuntu0.1~esm1, 1.4-23, 1.4-22
Ubuntu:22.04:LTSaxis*, 0, 1.4-28
Ubuntu:Pro:18.04:LTSaxis1.4-25, 0, 1.4-25ubuntu0.1~esm1
Ubuntu:25.10axis0, 1.4-29
Ubuntu:20.04:LTSaxis1.4-28+deb10u1build0.20.04.1, 1.4-28, 0

Exploit Intelligence

…and 18 more exploits

Timeline

  • CVE Published
  • Apr 9, 2019 PoC Published
  • Apr 14, 2021 EPSS Score
  • Sep 29, 2021 EPSS Score
  • Oct 21, 2021 EPSS Score
  • Apr 20, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 22, 2024 EPSS Score
  • May 12, 2024 EPSS Score
  • May 29, 2024 EPSS Score
  • Jun 22, 2024 EPSS Score
  • Aug 9, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›