22 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-23926
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...
Security Bulletin: There is a vulnerability in xmlbeans-2.6.0.jar used by IBM SPSS Collaboration and Deployment Service (CVE-2021-23926)
Summary There is a vulnerability in xmlbeans-2.6.0.jar used by IBM SPSS Collaboration and Deployment Service CVE-2021-23926 Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML...
Oracle Business Intelligence Enterprise Edition (July 2024 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Orac...
Security Bulletin: There is a vulnerability in xmlbeans-2.6.0.jar used by IBM Maximo Asset Management application (CVE-2021-23926)
Summary There is a vulnerability in xmlbeans-2.6.0.jar used by IBM Maximo Asset Management application CVE-2021-23926 Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. ...
Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow
Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...
Security Bulletin: Vulnerability of xmlbeans-2.6.0.jar has affected APM DataPower agent.
Summary APM DataPower Agent is vulnerable to xmlbeans-2.6.0.jar vulnerability described in CVE 2021-23926. The fix includes xmlbeans-2.6.0.jar upgraded to xmlbeans-3.1.0.jar Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an...
SUSE CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
SUSE: Security Advisory (SUSE-SU-2022:3875-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : xmlbeans (SUSE-SU-2022:3876-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3876-1 advisory. - CVE-2021-23926: Fixed XML parsers not protecting from malicious XML input bsc1180915. Tenable has extracted the...
SUSE-SU-2022:3875-1 Security update for xmlbeans
This update for xmlbeans fixes the following issues: - CVE-2021-23926: Fixed XML parsers not protecting from malicious XML input bsc1180915...
Vulnerabilities fixed in Oracle Siebel CRM
Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the...
Security Bulletin: A vulnerability found in XMLBeans which hipped with IBM® Intelligent Operations Center (CVE-2021-23926)
Summary A vulnerability related to DOS attach has been found in XMLBeans which hipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2021-23926
Summary IBM TRIRIGA Application Platform discloses CVE-2021-23926 Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. By sending a specially-crafted XML request, a remote...
Security Bulletin: Apache XMLBeans XML Entity Expansion security vulnerability in IBM FileNet Content Manager
Summary IBM FileNet Content Manager has XML Entity Expansion security vulnerabilties with Apache XMLBeans. Vulnerability Details CVEID: CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. By sending...
Security Bulletin: Apache XML Beans Vulnerability Affects the B2B API of IBM Sterling B2B Integrator (CVE-2021-23926)
Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. By sending a specially-crafted XML...
Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.
Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...
ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ar.com.fdvs:DynamicJasper (=4.0.4) +5791 more potentially affected by CVE-2021-23926 via org.apache.xmlbeans:xmlbeans (>=2.2.0 <=2.6.0)
org.apache.xmlbeans:xmlbeans MAVEN version =2.2.0, =1.3, =1.10.2, =1.13.0, =1.0.1, =0.0.1, =1.1.8, =2.23.5, =2.23.5, =25.11.0 and more Source cves: CVE-2021-23926 Source advisory: OSV:GHSA-MW3R-PFMG-XP92...
OESA-2021-1077 xmlbeans security update
XMLBeans is a tool that allows you to access the full power of XML in a Java friendly way. It is an XML-Java binding tool. The idea is that you can take advantage the richness and features of XML and XML Schema and have these features mapped as naturally as possible to the equivalent Java languag...
CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...