Lucene search
CentOS ProjectCESA-2018:1780HistoryJun 01, 2018 - 4:59 p.m.
xmlrpc security update
2018-06-0116:59:06
CentOS Project
lists.centos.org
100
CentOS Errata and Security Advisory CESA-2018:1780
Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls.
Security Fix(es):
- xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag (CVE-2016-5003)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2018-June/085076.html
Affected packages:
xmlrpc-client
xmlrpc-common
xmlrpc-javadoc
xmlrpc-server
Upstream details at:
https://access.redhat.com/errata/RHSA-2018:1780
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 7 | noarch | xmlrpc-client | <Â 3.1.3-9.el7_5 | xmlrpc-client-3.1.3-9.el7_5.noarch.rpm |
| CentOS | 7 | noarch | xmlrpc-common | <Â 3.1.3-9.el7_5 | xmlrpc-common-3.1.3-9.el7_5.noarch.rpm |
| CentOS | 7 | noarch | xmlrpc-javadoc | <Â 3.1.3-9.el7_5 | xmlrpc-javadoc-3.1.3-9.el7_5.noarch.rpm |
| CentOS | 7 | noarch | xmlrpc-server | <Â 3.1.3-9.el7_5 | xmlrpc-server-3.1.3-9.el7_5.noarch.rpm |
Related
oraclelinux
oraclelinux
xmlrpc security update
2018-06-01 00:00:00
xmlrpc3 security update
2018-05-31 00:00:00
redhatcve
redhatcve
CVE-2016-5003
2017-10-31 20:49:18
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : xmlrpc Vulnerability (NS-SA-2019-0037)
2019-08-12 00:00:00
Amazon Linux 2 : xmlrpc (ALAS-2018-1041)
2018-06-29 00:00:00
CentOS 7 : xmlrpc (CESA-2018:1780)
2018-06-04 00:00:00
redhat
redhat
(RHSA-2018:1780) Important: xmlrpc security update
2018-05-31 20:37:27
(RHSA-2018:1779) Important: xmlrpc3 security update
2018-05-31 16:03:41
(RHSA-2018:1784) Important: rh-java-common-xmlrpc security update
2018-06-04 10:24:47
centos
centos
xmlrpc3 security update
2018-06-01 15:12:42
prion
prion
Code injection
2017-10-27 18:29:00
osv
osv
Apache XML-RPC vulnerable to Deserialization of Untrusted Data
2022-05-14 01:53:10
cvelist
cvelist
CVE-2016-5003
2017-10-27 18:00:00
amazon
amazon
Important: xmlrpc
2018-06-20 19:55:00
openvas
openvas
CentOS Update for xmlrpc3-client CESA-2018:1779 centos6
2018-06-02 00:00:00
CentOS Update for xmlrpc-client CESA-2018:1780 centos7
2018-06-02 00:00:00
Fedora Update for xmlrpc FEDORA-2018-6e6f1003d6
2018-06-03 00:00:00
veracode
veracode
Deserialization Of Untrusted Data Through Serializable Data Type
2019-01-15 09:23:30
cve
cve
CVE-2016-5003
2017-10-27 18:29:00
github
github
Apache XML-RPC vulnerable to Deserialization of Untrusted Data
2022-05-14 01:53:10
fedora
fedora
[SECURITY] Fedora 28 Update: xmlrpc-3.1.3-20.fc28
2018-06-02 20:46:11
[SECURITY] Fedora 27 Update: xmlrpc-3.1.3-20.fc27
2018-06-02 21:12:27
mageia
mageia
Updated xmlrpc packages fix security vulnerabilities
2019-01-05 21:30:16
gentoo
gentoo
Apache XML-RPC: Multiple Vulnerabilities
2024-01-22 00:00:00