Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-0122
Vulnerability from csaf_certbund
Published
2023-01-17 23:00
Modified
2023-01-17 23:00
Summary
Oracle Supply Chain: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0122 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0122.json", }, { category: "self", summary: "WID-SEC-2023-0122 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0122", }, { category: "external", summary: "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Supply Chain vom 2023-01-17", url: "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixSCP", }, ], source_lang: "en-US", title: "Oracle Supply Chain: Mehrere Schwachstellen", tracking: { current_release_date: "2023-01-17T23:00:00.000+00:00", generator: { date: "2024-08-15T17:41:43.641+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0122", initial_release_date: "2023-01-17T23:00:00.000+00:00", revision_history: [ { date: "2023-01-17T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Oracle Supply Chain 9.3.6", product: { name: "Oracle Supply Chain 9.3.6", product_id: "T019052", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:9.3.6", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.1", product: { name: "Oracle Supply Chain 12.1", product_id: "T019054", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.1", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2", product: { name: "Oracle Supply Chain 12.2", product_id: "T019055", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.11", product: { name: "Oracle Supply Chain 12.2.11", product_id: "T021721", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.11", }, }, }, { category: "product_name", name: "Oracle Supply Chain < 21.0.2.6", product: { name: "Oracle Supply Chain < 21.0.2.6", product_id: "T025892", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:21.0.2.6", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.7", product: { name: "Oracle Supply Chain 12.2.7", product_id: "T025893", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.7", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.8", product: { name: "Oracle Supply Chain 12.2.8", product_id: "T025894", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.8", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.9", product: { name: "Oracle Supply Chain 12.2.9", product_id: "T025895", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.9", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.10", product: { name: "Oracle Supply Chain 12.2.10", product_id: "T025896", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.10", }, }, }, { category: "product_name", name: "Oracle Supply Chain 12.2.12", product: { name: "Oracle Supply Chain 12.2.12", product_id: "T025897", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:12.2.12", }, }, }, { category: "product_name", name: "Oracle Supply Chain < 21.0.2.0", product: { name: "Oracle Supply Chain < 21.0.2.0", product_id: "T025898", product_identification_helper: { cpe: "cpe:/a:oracle:supply_chain:21.0.2.0", }, }, }, ], category: "product_name", name: "Supply Chain", }, ], category: "vendor", name: "Oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2023-21850", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2023-21850", }, { cve: "CVE-2022-42252", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2022-42252", }, { cve: "CVE-2022-34169", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2022-34169", }, { cve: "CVE-2022-24839", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2022-24839", }, { cve: "CVE-2021-44832", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2021-44832", }, { cve: "CVE-2020-27844", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2020-27844", }, { cve: "CVE-2019-7317", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2019-7317", }, { cve: "CVE-2019-12415", notes: [ { category: "description", text: "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893", ], }, release_date: "2023-01-17T23:00:00.000+00:00", title: "CVE-2019-12415", }, ], }
cve-2021-44832
Vulnerability from cvelistv5
Published
2021-12-28 19:35
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Version: log4j-core < 2.17.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:32:13.076Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://issues.apache.org/jira/browse/LOG4J2-3293", }, { name: "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/28/1", }, { name: "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf", }, { name: "FEDORA-2021-c6f471ce0f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/", }, { name: "FEDORA-2021-1bd9151bab", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220104-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Log4j2", vendor: "Apache Software Foundation", versions: [ { changes: [ { at: "2.13.0", status: "affected", }, { at: "2.12.4", status: "unaffected", }, { at: "2.4", status: "affected", }, { at: "2.3.2", status: "unaffected", }, { at: "2.0-beta7", status: "affected", }, ], lessThan: "2.17.1", status: "affected", version: "log4j-core", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", }, ], metrics: [ { other: { content: { other: "moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-74", description: "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-25T16:41:33", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { tags: [ "x_refsource_MISC", ], url: "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143", }, { tags: [ "x_refsource_MISC", ], url: "https://issues.apache.org/jira/browse/LOG4J2-3293", }, { name: "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/28/1", }, { name: "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf", }, { name: "FEDORA-2021-c6f471ce0f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/", }, { name: "FEDORA-2021-1bd9151bab", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220104-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], source: { defect: [ "LOG4J2-3293", "", ], discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-12-27T00:00:00", value: "reported", }, { lang: "en", time: "2021-12-27T00:00:00", value: "patch proposed, 2.17.1-rc1", }, { lang: "en", time: "2021-12-28T00:00:00", value: "fixed", }, { lang: "en", time: "2021-12-28T00:00:00", value: "public", }, ], title: "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2021-44832", STATE: "PUBLIC", TITLE: "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Log4j2", version: { version_data: [ { version_affected: "<", version_name: "log4j-core", version_value: "2.17.1", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.13.0", }, { version_affected: "<", version_name: "log4j-core", version_value: "2.12.4", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.4", }, { version_affected: "<", version_name: "log4j-core", version_value: "2.3.2", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.0-beta7", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: [ { other: "moderate", }, ], problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, { description: [ { lang: "eng", value: "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, ], }, ], }, references: { reference_data: [ { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143", refsource: "MISC", url: "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143", }, { name: "https://issues.apache.org/jira/browse/LOG4J2-3293", refsource: "MISC", url: "https://issues.apache.org/jira/browse/LOG4J2-3293", }, { name: "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/28/1", }, { name: "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf", }, { name: "FEDORA-2021-c6f471ce0f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/", }, { name: "FEDORA-2021-1bd9151bab", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220104-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220104-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], }, source: { defect: [ "LOG4J2-3293", "", ], discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-12-27T00:00:00", value: "reported", }, { lang: "en", time: "2021-12-27T00:00:00", value: "patch proposed, 2.17.1-rc1", }, { lang: "en", time: "2021-12-28T00:00:00", value: "fixed", }, { lang: "en", time: "2021-12-28T00:00:00", value: "public", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44832", datePublished: "2021-12-28T19:35:11", dateReserved: "2021-12-11T00:00:00", dateUpdated: "2024-08-04T04:32:13.076Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-21850
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-09-17 13:53
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Demantra Demand Management |
Version: 12.1 Version: 12.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:51:50.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Oracle Advisory", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2023.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-21850", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-17T13:51:35.911117Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T13:53:43.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Demantra Demand Management", vendor: "Oracle Corporation", versions: [ { status: "affected", version: "12.1", }, { status: "affected", version: "12.2", }, ], }, ], descriptions: [ { lang: "en-US", value: "Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data.", lang: "en-US", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-23T23:37:34.212Z", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "Oracle Advisory", tags: [ "vendor-advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2023.html", }, ], }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2023-21850", datePublished: "2023-01-17T23:35:13.302Z", dateReserved: "2022-12-17T19:26:00.693Z", dateUpdated: "2024-09-17T13:53:43.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42252
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2025-02-13 16:33
Severity ?
EPSS score ?
Summary
If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Version: 10.1.0-M1 Version: 10.0.0-M1 Version: 9.0.0-M1 Version: 8.5.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.683Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202305-37", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Tomcat", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "10.1.0", status: "affected", version: "10.1.0-M1", versionType: "maven", }, { lessThanOrEqual: "10.0.26", status: "affected", version: "10.0.0-M1", versionType: "maven", }, { lessThanOrEqual: "9.0.67", status: "affected", version: "9.0.0-M1", versionType: "maven", }, { lessThanOrEqual: "8.5.82", status: "affected", version: "8.5.0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", value: "Thanks to Sam Shahsavar who discovered this issue and reported it to the Apache Tomcat security team.", }, ], descriptions: [ { lang: "en", value: "If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.", }, ], metrics: [ { other: { content: { other: "low", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-30T05:09:47.383Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq", }, { url: "https://security.gentoo.org/glsa/202305-37", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Tomcat request smuggling via malformed content-length", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-42252", datePublished: "2022-11-01T00:00:00.000Z", dateReserved: "2022-10-03T00:00:00.000Z", dateUpdated: "2025-02-13T16:33:19.048Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24839
Vulnerability from cvelistv5
Published
2022-04-11 21:25
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv | x_refsource_CONFIRM | |
| https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| sparklemotion | nekohtml |
Version: < 1.9.22.noko2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.515Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "nekohtml", vendor: "sparklemotion", versions: [ { status: "affected", version: "< 1.9.22.noko2", }, ], }, ], descriptions: [ { lang: "en", value: "org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-25T16:52:31", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], source: { advisory: "GHSA-9849-p7jc-9rmv", discovery: "UNKNOWN", }, title: "Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24839", STATE: "PUBLIC", TITLE: "Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "nekohtml", version: { version_data: [ { version_value: "< 1.9.22.noko2", }, ], }, }, ], }, vendor_name: "sparklemotion", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400: Uncontrolled Resource Consumption", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv", refsource: "CONFIRM", url: "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv", }, { name: "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d", refsource: "MISC", url: "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], }, source: { advisory: "GHSA-9849-p7jc-9rmv", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24839", datePublished: "2022-04-11T21:25:12", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-08-03T04:20:50.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-7317
Vulnerability from cvelistv5
Published
2019-02-04 07:00
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:46:45.928Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190417 [slackware-security] libpng (SSA:2019-107-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/30", }, { name: "DSA-4435", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4435", }, { name: "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/36", }, { name: "USN-3962-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3962-1/", }, { name: "USN-3991-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3991-1/", }, { name: "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/56", }, { name: "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/59", }, { name: "DSA-4448", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4448", }, { name: "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html", }, { name: "RHSA-2019:1265", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1265", }, { name: "RHSA-2019:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1267", }, { name: "RHSA-2019:1269", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1269", }, { name: "DSA-4451", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "108098", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108098", }, { name: "USN-4080-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4080-1/", }, { name: "USN-4083-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4083-1/", }, { name: "GLSA-201908-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-02", }, { name: "RHSA-2019:2494", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2494", }, { name: "RHSA-2019:2495", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2495", }, { name: "openSUSE-SU-2019:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html", }, { name: "openSUSE-SU-2019:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html", }, { name: "RHSA-2019:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2585", }, { name: "RHSA-2019:2590", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2590", }, { name: "RHSA-2019:2592", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2592", }, { name: "RHSA-2019:2737", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2737", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/glennrp/libpng/issues/275", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190719-0005/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-02-04T00:00:00", descriptions: [ { lang: "en", value: "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-20T10:38:36", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20190417 [slackware-security] libpng (SSA:2019-107-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/30", }, { name: "DSA-4435", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4435", }, { name: "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/36", }, { name: "USN-3962-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3962-1/", }, { name: "USN-3991-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3991-1/", }, { name: "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/56", }, { name: "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/59", }, { name: "DSA-4448", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4448", }, { name: "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html", }, { name: "RHSA-2019:1265", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1265", }, { name: "RHSA-2019:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1267", }, { name: "RHSA-2019:1269", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1269", }, { name: "DSA-4451", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "108098", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108098", }, { name: "USN-4080-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4080-1/", }, { name: "USN-4083-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4083-1/", }, { name: "GLSA-201908-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-02", }, { name: "RHSA-2019:2494", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2494", }, { name: "RHSA-2019:2495", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2495", }, { name: "openSUSE-SU-2019:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html", }, { name: "openSUSE-SU-2019:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html", }, { name: "RHSA-2019:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2585", }, { name: "RHSA-2019:2590", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2590", }, { name: "RHSA-2019:2592", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2592", }, { name: "RHSA-2019:2737", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2737", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/glennrp/libpng/issues/275", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190719-0005/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-7317", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20190417 [slackware-security] libpng (SSA:2019-107-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/30", }, { name: "DSA-4435", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4435", }, { name: "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/36", }, { name: "USN-3962-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3962-1/", }, { name: "USN-3991-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3991-1/", }, { name: "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/56", }, { name: "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/59", }, { name: "DSA-4448", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4448", }, { name: "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html", }, { name: "RHSA-2019:1265", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1265", }, { name: "RHSA-2019:1267", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1267", }, { name: "RHSA-2019:1269", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1269", }, { name: "DSA-4451", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "108098", refsource: "BID", url: "http://www.securityfocus.com/bid/108098", }, { name: "USN-4080-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4080-1/", }, { name: "USN-4083-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4083-1/", }, { name: "GLSA-201908-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-02", }, { name: "RHSA-2019:2494", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2494", }, { name: "RHSA-2019:2495", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2495", }, { name: "openSUSE-SU-2019:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html", }, { name: "openSUSE-SU-2019:1912", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html", }, { name: "RHSA-2019:2585", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2585", }, { name: "RHSA-2019:2590", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2590", }, { name: "RHSA-2019:2592", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2592", }, { name: "RHSA-2019:2737", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2737", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", refsource: "MISC", url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", }, { name: "https://github.com/glennrp/libpng/issues/275", refsource: "MISC", url: "https://github.com/glennrp/libpng/issues/275", }, { name: "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", }, { name: "https://security.netapp.com/advisory/ntap-20190719-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190719-0005/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-7317", datePublished: "2019-02-04T07:00:00", dateReserved: "2019-02-04T00:00:00", dateUpdated: "2024-08-04T20:46:45.928Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27844
Vulnerability from cvelistv5
Published
2021-01-05 17:43
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1907521 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202101-29 | vendor-advisory, x_refsource_GENTOO | |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | x_refsource_MISC | |
| https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:43.677Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907521", }, { name: "GLSA-202101-29", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202101-29", }, { name: "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "openjpeg", vendor: "n/a", versions: [ { status: "affected", version: "openjpeg 2.4.0", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20->CWE-122->CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-20T22:54:53", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907521", }, { name: "GLSA-202101-29", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202101-29", }, { name: "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-27844", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "openjpeg", version: { version_data: [ { version_value: "openjpeg 2.4.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20->CWE-122->CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1907521", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907521", }, { name: "GLSA-202101-29", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202101-29", }, { name: "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-27844", datePublished: "2021-01-05T17:43:49", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:43.677Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12415
Vulnerability from cvelistv5
Published
2019-10-23 19:27
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Apache POI |
Version: Apache POI up to 4.1.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:40.071Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c%40%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007%40%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c%40%3Cuser.tika.apache.org%3E", }, { name: "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache POI", vendor: "n/a", versions: [ { status: "affected", version: "Apache POI up to 4.1.0", }, ], }, ], descriptions: [ { lang: "en", value: "In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-20T10:38:23", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { name: "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c%40%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007%40%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c%40%3Cuser.tika.apache.org%3E", }, { name: "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2019-12415", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache POI", version: { version_data: [ { version_value: "Apache POI up to 4.1.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", refsource: "MLIST", url: "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c@%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", refsource: "MLIST", url: "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007@%3Cuser.tika.apache.org%3E", }, { name: "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", refsource: "MLIST", url: "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c@%3Cuser.tika.apache.org%3E", }, { name: "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { name: "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@%3Cannounce.apache.org%3E", refsource: "MISC", url: "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@%3Cannounce.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2019-12415", datePublished: "2019-10-23T19:27:20", dateReserved: "2019-05-28T00:00:00", dateUpdated: "2024-08-04T23:17:40.071Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34169
Vulnerability from cvelistv5
Published
2022-07-19 00:00
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Xalan-J |
Version: Xalan-J < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T08:16:17.277Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8", }, { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw", }, { name: "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/19/5", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/19/6", }, { name: "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/20/2", }, { name: "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/20/3", }, { name: "DSA-5188", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5188", }, { name: "DSA-5192", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5192", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0009/", }, { name: "FEDORA-2022-19b6f21746", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/", }, { name: "FEDORA-2022-ae563934f7", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/", }, { name: "FEDORA-2022-e573851f56", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/", }, { name: "FEDORA-2022-d26586b419", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/", }, { name: "FEDORA-2022-80afe2304a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/", }, { name: "FEDORA-2022-b76ab52e73", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html", }, { name: "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/10/18/2", }, { name: "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html", }, { name: "DSA-5256", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5256", }, { name: "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/11/04/8", }, { name: "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/11/07/2", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-25", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Xalan-J", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.7.2", status: "affected", version: "Xalan-J", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by Felix Wilhelm, Google Project Zero", }, ], descriptions: [ { lang: "en", value: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", }, ], problemTypes: [ { descriptions: [ { description: "integer truncation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:47.103Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8", }, { url: "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw", }, { name: "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/07/19/5", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/07/19/6", }, { name: "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/07/20/2", }, { name: "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/07/20/3", }, { name: "DSA-5188", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5188", }, { name: "DSA-5192", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5192", }, { url: "https://security.netapp.com/advisory/ntap-20220729-0009/", }, { name: "FEDORA-2022-19b6f21746", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/", }, { name: "FEDORA-2022-ae563934f7", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/", }, { name: "FEDORA-2022-e573851f56", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/", }, { name: "FEDORA-2022-d26586b419", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/", }, { name: "FEDORA-2022-80afe2304a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/", }, { name: "FEDORA-2022-b76ab52e73", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/", }, { url: "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html", }, { name: "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/10/18/2", }, { name: "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html", }, { name: "DSA-5256", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5256", }, { name: "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/11/04/8", }, { name: "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/11/07/2", }, { url: "https://security.gentoo.org/glsa/202401-25", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-34169", datePublished: "2022-07-19T00:00:00.000Z", dateReserved: "2022-06-21T00:00:00.000Z", dateUpdated: "2025-02-13T16:32:44.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.