Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-0027
Vulnerability from csaf_certbund
Published
2023-01-04 23:00
Modified
2023-02-23 23:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen.", title: "Angriff", }, { category: "general", text: "- Linux\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0027 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0027.json", }, { category: "self", summary: "WID-SEC-2023-0027 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0027", }, { category: "external", summary: "IBM Security Bulletin 6958056 vom 2023-02-24", url: "https://www.ibm.com/support/pages/node/6958056", }, { category: "external", summary: "IBM Security Advisory vom 2023-01-04", url: "https://www.ibm.com/support/pages/node/6852633", }, { category: "external", summary: "IBM Security Advisory vom 2023-01-04", url: "https://www.ibm.com/support/pages/node/6852613", }, { category: "external", summary: "IBM Security Advisory vom 2023-01-04", url: "https://www.ibm.com/support/pages/node/6852611", }, { category: "external", summary: "IBM Security Advisory vom 2023-01-04", url: "https://www.ibm.com/support/pages/node/6852609", }, ], source_lang: "en-US", title: "IBM Tivoli Network Manager: Mehrere Schwachstellen", tracking: { current_release_date: "2023-02-23T23:00:00.000+00:00", generator: { date: "2024-08-15T17:40:51.947+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0027", initial_release_date: "2023-01-04T23:00:00.000+00:00", revision_history: [ { date: "2023-01-04T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-02-23T23:00:00.000+00:00", number: "2", summary: "Neue Updates von IBM aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Tivoli Network Manager <= 4.2.0.15", product: { name: "IBM Tivoli Network Manager <= 4.2.0.15", product_id: "T024051", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:4.2.0.15", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager 4.2.0", product: { name: "IBM Tivoli Network Manager 4.2.0", product_id: "T025751", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:4.2.0", }, }, }, ], category: "product_name", name: "Tivoli Network Manager", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2022-24823", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2022-24823", }, { cve: "CVE-2022-2048", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2022-2048", }, { cve: "CVE-2022-2047", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2022-2047", }, { cve: "CVE-2021-41033", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2021-41033", }, { cve: "CVE-2020-36518", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2020-36518", }, { cve: "CVE-2020-11987", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2020-11987", }, { cve: "CVE-2019-17566", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2019-17566", }, { cve: "CVE-2018-8013", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2018-8013", }, { cve: "CVE-2017-5662", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2017-5662", }, { cve: "CVE-2016-3506", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2016-3506", }, { cve: "CVE-2015-0250", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2015-0250", }, { cve: "CVE-2009-4521", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2009-4521", }, { cve: "CVE-2009-4269", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2009-4269", }, { cve: "CVE-2007-2378", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen in verschiedenen Komponenten von Drittanbietern wie Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty und JDBC. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und nicht spezifizierte Auswirkungen zu verursachen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], product_status: { known_affected: [ "T025751", ], last_affected: [ "T024051", ], }, release_date: "2023-01-04T23:00:00.000+00:00", title: "CVE-2007-2378", }, ], }
cve-2009-4521
Vulnerability from cvelistv5
Published
2009-12-31 19:00
Modified
2024-08-07 07:08
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/507172/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/37025 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/53773 | vdb-entry, x_refsource_XF | |
| http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss | x_refsource_MISC | |
| http://www.securityfocus.com/bid/36674 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/58941 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T07:08:38.122Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127", }, { name: "20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/507172/100/0/threaded", }, { name: "37025", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37025", }, { name: "eclipse-report-xss(53773)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/53773", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss", }, { name: "36674", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/36674", }, { name: "58941", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/58941", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-10-13T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127", }, { name: "20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/507172/100/0/threaded", }, { name: "37025", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37025", }, { name: "eclipse-report-xss(53773)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/53773", }, { tags: [ "x_refsource_MISC", ], url: "http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss", }, { name: "36674", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/36674", }, { name: "58941", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/58941", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-4521", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127", refsource: "CONFIRM", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127", }, { name: "20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/507172/100/0/threaded", }, { name: "37025", refsource: "SECUNIA", url: "http://secunia.com/advisories/37025", }, { name: "eclipse-report-xss(53773)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/53773", }, { name: "http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss", refsource: "MISC", url: "http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss", }, { name: "36674", refsource: "BID", url: "http://www.securityfocus.com/bid/36674", }, { name: "58941", refsource: "OSVDB", url: "http://www.osvdb.org/58941", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-4521", datePublished: "2009-12-31T19:00:00", dateReserved: "2009-12-31T00:00:00", dateUpdated: "2024-08-07T07:08:38.122Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-2378
Vulnerability from cvelistv5
Published
2007-04-30 23:00
Modified
2024-08-07 13:33
Severity ?
EPSS score ?
Summary
The Google Web Toolkit (GWT) framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf | x_refsource_MISC | |
| http://osvdb.org/43321 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T13:33:28.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", }, { name: "43321", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/43321", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-03-12T00:00:00", descriptions: [ { lang: "en", value: "The Google Web Toolkit (GWT) framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2008-11-13T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", }, { name: "43321", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/43321", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-2378", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Google Web Toolkit (GWT) framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", refsource: "MISC", url: "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", }, { name: "43321", refsource: "OSVDB", url: "http://osvdb.org/43321", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-2378", datePublished: "2007-04-30T23:00:00", dateReserved: "2007-04-30T00:00:00", dateUpdated: "2024-08-07T13:33:28.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41033
Vulnerability from cvelistv5
Published
2021-09-13 20:55
Modified
2024-08-04 02:59
Severity ?
EPSS score ?
Summary
In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Eclipse Foundation | Eclipse Equinox |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:59:30.351Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Eclipse Equinox", vendor: "The Eclipse Foundation", versions: [ { lessThanOrEqual: "4.21", status: "unknown", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-300", description: "CWE-300", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-13T20:55:09", orgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", shortName: "eclipse", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@eclipse.org", ID: "CVE-2021-41033", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Eclipse Equinox", version: { version_data: [ { version_affected: "?<=", version_value: "4.21", }, ], }, }, ], }, vendor_name: "The Eclipse Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-300", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688", refsource: "CONFIRM", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", assignerShortName: "eclipse", cveId: "CVE-2021-41033", datePublished: "2021-09-13T20:55:09", dateReserved: "2021-09-13T00:00:00", dateUpdated: "2024-08-04T02:59:30.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11987
Vulnerability from cvelistv5
Published
2021-02-24 00:00
Modified
2024-08-04 11:48
Severity ?
EPSS score ?
Summary
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Apache Batik |
Version: Apache Batik 1.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:48:57.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://xmlgraphics.apache.org/security.html", }, { name: "[poi-dev] 20210304 [Bug 65166] New: Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E", }, { name: "[poi-dev] 20210308 [Bug 65166] Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E", }, { name: "FEDORA-2021-65ff5f10e2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/", }, { name: "FEDORA-2021-33a1b73e48", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "[debian-lts-announce] 20231014 [SECURITY] [DLA 3619-1] batik security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Batik", vendor: "n/a", versions: [ { status: "affected", version: "Apache Batik 1.13", }, ], }, ], descriptions: [ { lang: "en", value: "Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-07T11:06:30.228868", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://xmlgraphics.apache.org/security.html", }, { name: "[poi-dev] 20210304 [Bug 65166] New: Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E", }, { name: "[poi-dev] 20210308 [Bug 65166] Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E", }, { name: "FEDORA-2021-65ff5f10e2", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/", }, { name: "FEDORA-2021-33a1b73e48", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "[debian-lts-announce] 20231014 [SECURITY] [DLA 3619-1] batik security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2020-11987", datePublished: "2021-02-24T00:00:00", dateReserved: "2020-04-21T00:00:00", dateUpdated: "2024-08-04T11:48:57.622Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17566
Vulnerability from cvelistv5
Published
2020-11-12 00:00
Modified
2024-08-05 01:40
Severity ?
EPSS score ?
Summary
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Apache Batik |
Version: Apache Batik 1.12 and older |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:40:15.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://xmlgraphics.apache.org/security.html", }, { name: "[myfaces-commits] 20201120 [myfaces-tobago] branch tobago-2.x updated: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rab94fe68b180d2e2fba97abf6fe1ec83cff826be25f86cd90f047171%40%3Ccommits.myfaces.apache.org%3E", }, { name: "[myfaces-commits] 20201211 [myfaces-tobago] 21/22: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rcab14a9ec91aa4c151e0729966282920423eff50a22759fd21db6509%40%3Ccommits.myfaces.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Batik", vendor: "n/a", versions: [ { status: "affected", version: "Apache Batik 1.12 and older", }, ], }, ], descriptions: [ { lang: "en", value: "Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the \"xlink:href\" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-07T11:06:15.441256", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://xmlgraphics.apache.org/security.html", }, { name: "[myfaces-commits] 20201120 [myfaces-tobago] branch tobago-2.x updated: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rab94fe68b180d2e2fba97abf6fe1ec83cff826be25f86cd90f047171%40%3Ccommits.myfaces.apache.org%3E", }, { name: "[myfaces-commits] 20201211 [myfaces-tobago] 21/22: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rcab14a9ec91aa4c151e0729966282920423eff50a22759fd21db6509%40%3Ccommits.myfaces.apache.org%3E", }, { url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2019-17566", datePublished: "2020-11-12T00:00:00", dateReserved: "2019-10-14T00:00:00", dateUpdated: "2024-08-05T01:40:15.834Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2047
Vulnerability from cvelistv5
Published
2022-07-07 20:45
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q | x_refsource_CONFIRM | |
| https://www.debian.org/security/2022/dsa-5198 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20220901-0006/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Eclipse Foundation | Eclipse Jetty |
Version: 9.4.0 < unspecified Version: unspecified < Version: 10.0.0 < unspecified Version: unspecified < Version: 11.0.0 < unspecified Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.138Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q", }, { name: "DSA-5198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Eclipse Jetty", vendor: "The Eclipse Foundation", versions: [ { lessThan: "unspecified", status: "affected", version: "9.4.0", versionType: "custom", }, { lessThanOrEqual: "9.4.46", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "10.0.0", versionType: "custom", }, { lessThanOrEqual: "10.0.9", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "11.0.0", versionType: "custom", }, { lessThanOrEqual: "11.0.9", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-01T13:06:30", orgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", shortName: "eclipse", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q", }, { name: "DSA-5198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@eclipse.org", ID: "CVE-2022-2047", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Eclipse Jetty", version: { version_data: [ { version_affected: ">=", version_value: "9.4.0", }, { version_affected: "<=", version_value: "9.4.46", }, { version_affected: ">=", version_value: "10.0.0", }, { version_affected: "<=", version_value: "10.0.9", }, { version_affected: ">=", version_value: "11.0.0", }, { version_affected: "<=", version_value: "11.0.9", }, ], }, }, ], }, vendor_name: "The Eclipse Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q", refsource: "CONFIRM", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q", }, { name: "DSA-5198", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { name: "https://security.netapp.com/advisory/ntap-20220901-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", assignerShortName: "eclipse", cveId: "CVE-2022-2047", datePublished: "2022-07-07T20:45:12", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T00:24:44.138Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3506
Vulnerability from cvelistv5
Published
2016-07-21 10:00
Modified
2024-10-11 20:52
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2; the Oracle Retail Xstore Point of Service 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, and 16.0; the Oracle Retail Warehouse Management System 14.04, 14.1.3, and 15.0.1; the Oracle Retail Workforce Management 1.60.7, and 1.64.0; the Oracle Retail Clearance Optimization Engine 13.4; the Oracle Retail Markdown Optimization 13.4 and 14.0; and Oracle Retail Merchandising System 16.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036363 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/91787 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91867 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:56:14.152Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "1036363", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036363", }, { name: "91787", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "91867", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91867", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2016-3506", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T19:53:22.696868Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T20:52:22.644Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in the JDBC component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2; the Oracle Retail Xstore Point of Service 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, and 16.0; the Oracle Retail Warehouse Management System 14.04, 14.1.3, and 15.0.1; the Oracle Retail Workforce Management 1.60.7, and 1.64.0; the Oracle Retail Clearance Optimization Engine 13.4; the Oracle Retail Markdown Optimization 13.4 and 14.0; and Oracle Retail Merchandising System 16.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-18T12:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "1036363", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036363", }, { name: "91787", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91787", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "91867", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91867", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-3506", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in the JDBC component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2; the Oracle Retail Xstore Point of Service 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, and 16.0; the Oracle Retail Warehouse Management System 14.04, 14.1.3, and 15.0.1; the Oracle Retail Workforce Management 1.60.7, and 1.64.0; the Oracle Retail Clearance Optimization Engine 13.4; the Oracle Retail Markdown Optimization 13.4 and 14.0; and Oracle Retail Merchandising System 16.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "1036363", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036363", }, { name: "91787", refsource: "BID", url: "http://www.securityfocus.com/bid/91787", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "91867", refsource: "BID", url: "http://www.securityfocus.com/bid/91867", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-3506", datePublished: "2016-07-21T10:00:00", dateReserved: "2016-03-17T00:00:00", dateUpdated: "2024-10-11T20:52:22.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24823
Vulnerability from cvelistv5
Published
2022-05-06 12:05
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q | x_refsource_CONFIRM | |
| https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2 | x_refsource_MISC | |
| https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220616-0004/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220616-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "netty", vendor: "netty", versions: [ { status: "affected", version: "<= 4.1.76.Final", }, ], }, ], descriptions: [ { lang: "en", value: "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-668", description: "CWE-668: Exposure of Resource to Wrong Sphere", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-378", description: "CWE-378: Creation of Temporary File With Insecure Permissions", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-379", description: "CWE-379: Creation of Temporary File in Directory with Insecure Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-25T16:52:21", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220616-0004/", }, ], source: { advisory: "GHSA-269q-hmxg-m83q", discovery: "UNKNOWN", }, title: "Local Information Disclosure Vulnerability in io.netty:netty-codec-http", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24823", STATE: "PUBLIC", TITLE: "Local Information Disclosure Vulnerability in io.netty:netty-codec-http", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "netty", version: { version_data: [ { version_value: "<= 4.1.76.Final", }, ], }, }, ], }, vendor_name: "netty", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-668: Exposure of Resource to Wrong Sphere", }, ], }, { description: [ { lang: "eng", value: "CWE-378: Creation of Temporary File With Insecure Permissions", }, ], }, { description: [ { lang: "eng", value: "CWE-379: Creation of Temporary File in Directory with Insecure Permissions", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", refsource: "CONFIRM", url: "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", }, { name: "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", refsource: "MISC", url: "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", }, { name: "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", refsource: "MISC", url: "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220616-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220616-0004/", }, ], }, source: { advisory: "GHSA-269q-hmxg-m83q", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24823", datePublished: "2022-05-06T12:05:11", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-08-03T04:20:50.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-36518
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-04 17:30
Severity ?
EPSS score ?
Summary
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:30:08.127Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/FasterXML/jackson-databind/issues/2816", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "[debian-lts-announce] 20220502 [SECURITY] [DLA 2990-1] jackson-databind security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220506-0004/", }, { name: "DSA-5283", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5283", }, { name: "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-27T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/FasterXML/jackson-databind/issues/2816", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "[debian-lts-announce] 20220502 [SECURITY] [DLA 2990-1] jackson-databind security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20220506-0004/", }, { name: "DSA-5283", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5283", }, { name: "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-36518", datePublished: "2022-03-11T00:00:00", dateReserved: "2022-03-11T00:00:00", dateUpdated: "2024-08-04T17:30:08.127Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-8013
Vulnerability from cvelistv5
Published
2018-05-24 16:00
Modified
2024-09-16 23:16
Severity ?
EPSS score ?
Summary
In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Batik |
Version: 1.0 - 1.9.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:46:11.478Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "104252", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/104252", }, { name: "[debian-lts-announce] 20180525 [SECURITY] [DLA 1385-1] batik security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/05/msg00016.html", }, { name: "DSA-4215", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4215", }, { name: "USN-3661-1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://usn.ubuntu.com/3661-1/", }, { name: "[xmlgraphics-batik-dev] 20180523 [CVE-2018-8013] Apache Batik information disclosure vulnerability", tags: [ "mailing-list", "x_transferred", ], url: "https://mail-archives.apache.org/mod_mbox/xmlgraphics-batik-dev/201805.mbox/%3c000701d3f28f%24d01860a0%24704921e0%24%40gmail.com%3e", }, { name: "1040995", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1040995", }, { name: "[xmlgraphics-commits] 20200615 svn commit: r1878851 - /xmlgraphics/site/trunk/content/security.mdtext", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9e90b4d1cf6ea87a79bb506541140dfbf4801f4463a7cee08126ee44%40%3Ccommits.xmlgraphics.apache.org%3E", }, { name: "[xmlgraphics-commits] 20200615 svn commit: r1878850 - /xmlgraphics/site/trunk/content/security.mdtext", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc0a31867796043fbe59113fb654fe8b13309fe04f8935acb8d0fab19%40%3Ccommits.xmlgraphics.apache.org%3E", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_transferred", ], url: "https://xmlgraphics.apache.org/security.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Batik", vendor: "Apache Software Foundation", versions: [ { status: "affected", version: "1.0 - 1.9.1", }, ], }, ], datePublic: "2018-05-23T00:00:00", descriptions: [ { lang: "en", value: "In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-07T11:06:17.409115", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { name: "104252", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/104252", }, { name: "[debian-lts-announce] 20180525 [SECURITY] [DLA 1385-1] batik security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2018/05/msg00016.html", }, { name: "DSA-4215", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4215", }, { name: "USN-3661-1", tags: [ "vendor-advisory", ], url: "https://usn.ubuntu.com/3661-1/", }, { name: "[xmlgraphics-batik-dev] 20180523 [CVE-2018-8013] Apache Batik information disclosure vulnerability", tags: [ "mailing-list", ], url: "https://mail-archives.apache.org/mod_mbox/xmlgraphics-batik-dev/201805.mbox/%3c000701d3f28f%24d01860a0%24704921e0%24%40gmail.com%3e", }, { name: "1040995", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1040995", }, { name: "[xmlgraphics-commits] 20200615 svn commit: r1878851 - /xmlgraphics/site/trunk/content/security.mdtext", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r9e90b4d1cf6ea87a79bb506541140dfbf4801f4463a7cee08126ee44%40%3Ccommits.xmlgraphics.apache.org%3E", }, { name: "[xmlgraphics-commits] 20200615 svn commit: r1878850 - /xmlgraphics/site/trunk/content/security.mdtext", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rc0a31867796043fbe59113fb654fe8b13309fe04f8935acb8d0fab19%40%3Ccommits.xmlgraphics.apache.org%3E", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { url: "https://xmlgraphics.apache.org/security.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "GLSA-202401-11", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-11", }, ], }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2018-8013", datePublished: "2018-05-24T16:00:00Z", dateReserved: "2018-03-09T00:00:00", dateUpdated: "2024-09-16T23:16:36.073Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5662
Vulnerability from cvelistv5
Published
2017-04-18 14:00
Modified
2024-08-05 15:11
Severity ?
EPSS score ?
Summary
In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:2547 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:0319 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1038334 | vdb-entry, x_refsource_SECTRACK | |
| https://www.debian.org/security/2018/dsa-4215 | vendor-advisory, x_refsource_DEBIAN | |
| https://access.redhat.com/errata/RHSA-2017:2546 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/97948 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | x_refsource_CONFIRM | |
| https://xmlgraphics.apache.org/security.html | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Batik |
Version: before 1.9 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:11:47.301Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:2547", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2547", }, { name: "RHSA-2018:0319", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0319", }, { name: "1038334", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038334", }, { name: "DSA-4215", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4215", }, { name: "RHSA-2017:2546", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2546", }, { name: "97948", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97948", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://xmlgraphics.apache.org/security.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Batik", vendor: "Apache Software Foundation", versions: [ { status: "affected", version: "before 1.9", }, ], }, ], datePublic: "2017-04-18T00:00:00", descriptions: [ { lang: "en", value: "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", }, ], problemTypes: [ { descriptions: [ { description: "XXE", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-20T21:14:52", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { name: "RHSA-2017:2547", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2547", }, { name: "RHSA-2018:0319", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0319", }, { name: "1038334", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038334", }, { name: "DSA-4215", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4215", }, { name: "RHSA-2017:2546", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2546", }, { name: "97948", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97948", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://xmlgraphics.apache.org/security.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2017-5662", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Batik", version: { version_data: [ { version_value: "before 1.9", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "XXE", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:2547", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2547", }, { name: "RHSA-2018:0319", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0319", }, { name: "1038334", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038334", }, { name: "DSA-4215", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4215", }, { name: "RHSA-2017:2546", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2546", }, { name: "97948", refsource: "BID", url: "http://www.securityfocus.com/bid/97948", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "https://xmlgraphics.apache.org/security.html", refsource: "CONFIRM", url: "https://xmlgraphics.apache.org/security.html", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2017-5662", datePublished: "2017-04-18T14:00:00", dateReserved: "2017-01-29T00:00:00", dateUpdated: "2024-08-05T15:11:47.301Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-4269
Vulnerability from cvelistv5
Published
2010-08-16 19:00
Modified
2024-08-07 06:54
Severity ?
EPSS score ?
Summary
The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=apache-db-general&m=127428514905504&w=1 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/42948 | third-party-advisory, x_refsource_SECUNIA | |
| https://issues.apache.org/jira/browse/DERBY-4483 | x_refsource_CONFIRM | |
| http://blogs.sun.com/kah/entry/derby_10_6_1_has | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2011/0149 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/42970 | third-party-advisory, x_refsource_SECUNIA | |
| http://marcellmajor.com/derbyhash.html | x_refsource_MISC | |
| http://www.securitytracker.com/id?1024977 | vdb-entry, x_refsource_SECTRACK | |
| http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/42637 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T06:54:10.308Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=apache-db-general&m=127428514905504&w=1", }, { name: "42948", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42948", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.apache.org/jira/browse/DERBY-4483", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blogs.sun.com/kah/entry/derby_10_6_1_has", }, { name: "ADV-2011-0149", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0149", }, { name: "42970", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42970", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://marcellmajor.com/derbyhash.html", }, { name: "1024977", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1024977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269", }, { name: "42637", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/42637", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-05-19T00:00:00", descriptions: [ { lang: "en", value: "The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2011-01-22T10:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=apache-db-general&m=127428514905504&w=1", }, { name: "42948", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42948", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.apache.org/jira/browse/DERBY-4483", }, { tags: [ "x_refsource_MISC", ], url: "http://blogs.sun.com/kah/entry/derby_10_6_1_has", }, { name: "ADV-2011-0149", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0149", }, { name: "42970", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42970", }, { tags: [ "x_refsource_MISC", ], url: "http://marcellmajor.com/derbyhash.html", }, { name: "1024977", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1024977", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269", }, { name: "42637", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/42637", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2009-4269", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released", refsource: "MLIST", url: "http://marc.info/?l=apache-db-general&m=127428514905504&w=1", }, { name: "42948", refsource: "SECUNIA", url: "http://secunia.com/advisories/42948", }, { name: "https://issues.apache.org/jira/browse/DERBY-4483", refsource: "CONFIRM", url: "https://issues.apache.org/jira/browse/DERBY-4483", }, { name: "http://blogs.sun.com/kah/entry/derby_10_6_1_has", refsource: "MISC", url: "http://blogs.sun.com/kah/entry/derby_10_6_1_has", }, { name: "ADV-2011-0149", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0149", }, { name: "42970", refsource: "SECUNIA", url: "http://secunia.com/advisories/42970", }, { name: "http://marcellmajor.com/derbyhash.html", refsource: "MISC", url: "http://marcellmajor.com/derbyhash.html", }, { name: "1024977", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1024977", }, { name: "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269", refsource: "CONFIRM", url: "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269", }, { name: "42637", refsource: "BID", url: "http://www.securityfocus.com/bid/42637", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2009-4269", datePublished: "2010-08-16T19:00:00", dateReserved: "2009-12-10T00:00:00", dateUpdated: "2024-08-07T06:54:10.308Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0250
Vulnerability from cvelistv5
Published
2015-03-24 17:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2548-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21963275 | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:203 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.debian.org/security/2015/dsa-3205 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securitytracker.com/id/1032781 | vdb-entry, x_refsource_SECTRACK | |
| http://advisories.mageia.org/MGASA-2015-0138.html | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2015/Mar/142 | mailing-list, x_refsource_FULLDISC | |
| http://rhn.redhat.com/errata/RHSA-2016-0042.html | vendor-advisory, x_refsource_REDHAT | |
| http://xmlgraphics.apache.org/security.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-0041.html | vendor-advisory, x_refsource_REDHAT | |
| http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.455Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2548-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2548-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21963275", }, { name: "MDVSA-2015:203", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:203", }, { name: "DSA-3205", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3205", }, { name: "1032781", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032781", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0138.html", }, { name: "20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/Mar/142", }, { name: "RHSA-2016:0042", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0042.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlgraphics.apache.org/security.html", }, { name: "RHSA-2016:0041", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0041.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-17T00:00:00", descriptions: [ { lang: "en", value: "XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2548-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2548-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21963275", }, { name: "MDVSA-2015:203", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:203", }, { name: "DSA-3205", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3205", }, { name: "1032781", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032781", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0138.html", }, { name: "20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/Mar/142", }, { name: "RHSA-2016:0042", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0042.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlgraphics.apache.org/security.html", }, { name: "RHSA-2016:0041", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0041.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-0250", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2548-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2548-1", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21963275", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21963275", }, { name: "MDVSA-2015:203", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:203", }, { name: "DSA-3205", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3205", }, { name: "1032781", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032781", }, { name: "http://advisories.mageia.org/MGASA-2015-0138.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0138.html", }, { name: "20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/Mar/142", }, { name: "RHSA-2016:0042", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0042.html", }, { name: "http://xmlgraphics.apache.org/security.html", refsource: "CONFIRM", url: "http://xmlgraphics.apache.org/security.html", }, { name: "RHSA-2016:0041", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0041.html", }, { name: "http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0250", datePublished: "2015-03-24T17:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2048
Vulnerability from cvelistv5
Published
2022-07-07 20:35
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j | x_refsource_CONFIRM | |
| https://www.debian.org/security/2022/dsa-5198 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20220901-0006/ | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2022/09/09/2 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Eclipse Foundation | Eclipse Jetty |
Version: 9.4.0 < unspecified Version: unspecified < Version: 10.0.0 < unspecified Version: unspecified < Version: 11.0.0 < unspecified Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:43.964Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j", }, { name: "DSA-5198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, { name: "[oss-security] 20220909 Vulnerability in Jenkins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/09/09/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Eclipse Jetty", vendor: "The Eclipse Foundation", versions: [ { lessThan: "unspecified", status: "affected", version: "9.4.0", versionType: "custom", }, { lessThanOrEqual: "9.4.46", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "10.0.0", versionType: "custom", }, { lessThanOrEqual: "10.0.9", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "11.0.0", versionType: "custom", }, { lessThanOrEqual: "11.0.9", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-410", description: "CWE-410", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-664", description: "CWE-664", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-09T14:06:11", orgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", shortName: "eclipse", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j", }, { name: "DSA-5198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, { name: "[oss-security] 20220909 Vulnerability in Jenkins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2022/09/09/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@eclipse.org", ID: "CVE-2022-2048", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Eclipse Jetty", version: { version_data: [ { version_affected: ">=", version_value: "9.4.0", }, { version_affected: "<=", version_value: "9.4.46", }, { version_affected: ">=", version_value: "10.0.0", }, { version_affected: "<=", version_value: "10.0.9", }, { version_affected: ">=", version_value: "11.0.0", }, { version_affected: "<=", version_value: "11.0.9", }, ], }, }, ], }, vendor_name: "The Eclipse Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.", }, ], }, impact: { cvss: { baseScore: 7.5, vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-410", }, ], }, { description: [ { lang: "eng", value: "CWE-664", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j", refsource: "CONFIRM", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j", }, { name: "DSA-5198", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5198", }, { name: "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html", }, { name: "https://security.netapp.com/advisory/ntap-20220901-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220901-0006/", }, { name: "[oss-security] 20220909 Vulnerability in Jenkins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2022/09/09/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", assignerShortName: "eclipse", cveId: "CVE-2022-2048", datePublished: "2022-07-07T20:35:09", dateReserved: "2022-06-09T00:00:00", dateUpdated: "2024-08-03T00:24:43.964Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.