Lucene search

CVE-2020-1953

🗓️ 25 Mar 2020 02:18:39Reported by redhat.comType

A flaw in Apache Commons Configuration allows code execution via special statements in YAML file

Reporter	Title	Published	Views	Family All 22
IBM Security Bulletins	Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Sterling Connect:Direct File Agent (CVE-2020-1953)	23 Jul 202118:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Multicloud Management has applied security fixes for its use of Apache Commons	1 Dec 202114:55	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Control Center (CVE-2020-1953)	28 Jan 202112:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBP javaenv and dind images	14 Dec 202014:48	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Jazz Reporting Service (CVE-2020-1953)	11 Oct 202306:52	–	ibm
NVD	CVE-2020-1953	13 Mar 202015:15	–	nvd
CVE	CVE-2020-1953	13 Mar 202015:15	–	cve
Veracode	Arbitrary Code Execution	16 Mar 202004:22	–	veracode
Veracode	Arbitrary Code Execution	26 May 202005:54	–	veracode
OSV	Remote code execution in Apache Commons Configuration	21 May 202019:08	–	osv

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-1953
github	www.github.com/apache/commons-configuration/commit/add7375cf37fd316d4838c6c56b054fc293b4641
lists	www.lists.apache.org/thread.html/rde2186ad6ac0d6ed8d51af7509244adcf1ce0f9a3b7e1d1dd3b64676@%3Ccommits.camel.apache.org%3E
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Mar 2020 02:39Current

3Low risk

Vulners AI Score3

EPSS0.01799