CVE-2021-23926

🗓️ 14 Jan 2021 14:45:18Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 351 Views

XMLBeans v2.6.0 XML Parsers Vulnerabilit

Reporter	Title	Published	Views	Family All 73
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Spreadsheet Services is affected by security vulnerabilities	9 Aug 202116:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow	11 Jan 202413:32	–	ibm
IBM Security Bulletins	Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2021-23926	30 Aug 202216:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in open source libraries affects Tivoli Netcool/OMNIbus WebGUI	28 Jun 202104:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8	18 Oct 202407:56	–	ibm
IBM Security Bulletins	Security Bulletin: Apache XML Beans Vulnerability Affects the B2B API of IBM Sterling B2B Integrator (CVE-2021-23926)	20 Oct 202118:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.	16 Jul 202117:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Directory Integrator is affected by multiple security vulnerabilities	22 Jun 202316:30	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability found in XMLBeans which hipped with IBM® Intelligent Operations Center (CVE-2021-23926)	8 Sep 202206:54	–	ibm
IBM Security Bulletins	Security Bulletin: There is a vulnerability in xmlbeans-2.6.0.jar used by IBM SPSS Collaboration and Deployment Service (CVE-2021-23926)	3 Mar 202516:41	–	ibm

NVD

Vulners

Node

apache xmlbeansRange≤2.6.0

Node

netapp oncommand_unified_manager_core_packageMatch-

netapp snap_creator_frameworkMatch-

netapp snapmanagerMatch-oracle

netapp snapmanagerMatch-sap

Node

debian debian_linuxMatch9.0

Node

oracle middleware_common_libraries_and_toolsMatch12.2.1.3.0

oracle middleware_common_libraries_and_toolsMatch12.2.1.4.0

oracle peoplesoft_enterprise_peopletoolsMatch8.57

oracle peoplesoft_enterprise_peopletoolsMatch8.58

oracle peoplesoft_enterprise_peopletoolsMatch8.59

[
  {
    "product": "Apache XMLBeans",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "2.6.0",
        "status": "affected",
        "version": "Apache XMLBeans",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2021/06/msg00024.html
security	www.security.netapp.com/advisory/ntap-20210513-0004/
poi	www.poi.apache.org/
lists	www.lists.apache.org/thread.html/r2dc5588009dc9f0310b7382269f932cc96cae4c3901b747dda1a7fed%40%3Cjava-dev.axis.apache.org%3E
oracle	www.oracle.com/security-alerts/cpujul2022.html
lists	www.lists.apache.org/thread.html/rbb01d10512098894cd5f22325588197532c64f1c818ea7e4120d40c1%40%3Cjava-dev.axis.apache.org%3E
issues	www.issues.apache.org/jira/browse/XMLBEANS-517
oracle	www.oracle.com/security-alerts/cpuoct2021.html

21 Nov 2024 05:52Current

9.3High risk

Vulners AI Score9.3

CVSS 26.4

CVSS 3.19.1

EPSS0.00444

CWE-776