Lucene search
K

47 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 9:4 a.m.9 views

Security Bulletin: IBM Content Navigator is affected by JDOM

Summary IBM Content Navigator is affected by CVE-2021-33813, an XML External Entity XXE injection vulnerability CWE-611 in the SAXBuilder component of the JDOM library through version 2.0.6. A remote attacker could exploit this via a crafted HTTP request to cause a denial of service condition. Th...

7.5CVSS6.8AI score0.19442EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/07 3:20 a.m.5 views

Security Bulletin: Vulnerabilities in SAXBuilder affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in SAXBuilder has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: An XX...

7.5CVSS6.1AI score0.19442EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: jdom2 (TSSA-2022:0275)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0275 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS6.5AI score0.19442EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.19 views

Amazon Linux 2022 : jdom, jdom-demo, jdom-javadoc (ALAS2022-2022-010)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-010 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Tenable has extracted the preceding description block directly...

7.5CVSS6.4AI score0.19442EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/09 6:59 a.m.15 views

Security Bulletin: The IBM® Engineering Lifecycle Management is impacted by vulnerabilties in Jdom-1.0

Summary A vulnerability has been identified in Jdom version 1.0, which is used in IBM Engineering Lifecycle Management - IBM Jazz. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a...

7.5CVSS6.9AI score0.19442EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/12 9:22 a.m.15 views

Security Bulletin: Potential denial of service vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2021-33813)

Summary An XXE issue allows attacker to cause denial of service in Apache Solr. Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit thi...

7.5CVSS7.4AI score0.19442EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2024/06/03 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2024:1874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.19442EPSS
Exploits1References7
OSV
OSV
added 2024/05/30 2:30 p.m.8 views

SUSE-SU-2024:1871-1 Security update for jdom

This update for jdom fixes the following issues: - CVE-2021-33813: Fixed possible denial-of-service XXE issue in SAXBuilder via a crafted HTTP request bsc1187446...

7.5CVSS6.6AI score0.19442EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/11 1:32 p.m.41 views

Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow

Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...

9.8CVSS9.3AI score0.3038EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/01 7:47 p.m.64 views

Security Bulletin: XML External Entity injection vulnerability in jdom may affect custom apps in IBM Business Automation Workflow - CVE-2021-33813

Summary IBM Business Automation Workflow packages jdom. An XML External Entity XXE injection vulnerability was reported for jdom: Due to insecure default settings in jdom, a careless client application may fail to disable XML External Entity expansion features in the XML parser used by the librar...

7.5CVSS7.7AI score0.19442EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/30 11:3 a.m.26 views

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2021-33813 found in jdom-1.0.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following jdom-1.0.jar vulnerability and updated jdom.jar from version 1.0 to 2.0.6.1 Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service,...

7.5CVSS7.4AI score0.19442EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/09 1:54 p.m.69 views

Security Bulletin: IBM App Connect Enterprise toolkit and IBM Integration Bus toolkit are vulnerable to a local authenticated attacker and a denial of service due to Guava and JDOM (CVE-2023-2976, CVE-2021-33813).

Summary IBM App Connect Enterprise toolkit and IBM Integration Bus toolkit are vulnerable to a local authenticated attacker and a denial of service due to Guava and JDOM CVE-2023-2976, CVE-2021-33813. The resolving fixes include Guava version =32.1.1 & JDOM version =2.0.6.1 Vulnerability Details...

7.5CVSS7AI score0.19442EPSS
Exploits1Affected Software2
Amazon
Amazon
added 2023/05/16 12:0 a.m.27 views

Medium: jdom

Issue Overview: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Affected Packages: jdom Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

7.5CVSS6.5AI score0.19442EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.37 views

Amazon Linux 2023 : jdom, jdom-demo, jdom-javadoc (ALAS2023-2023-014)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-014 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Tenable has extracted the preceding description block directly...

7.5CVSS6.4AI score0.19442EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/17 7:28 p.m.21 views

Security Bulletin: A denial of service vulnerability in JDOM affects IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments and IBM Spectrum Protect for Space Management (CVE CVE-2021-33813)

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments Data Protection for Microsoft Hyper-V and Data Protection for VMware and IBM Spectrum Protect for Space Management can be affected by a vulnerability in JDOM. The vulnerability can lead to a denial o...

7.5CVSS7.3AI score0.19442EPSS
Exploits1Affected Software3
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.5 views

SUSE CVE-2021-33813

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request...

7.5CVSS6.8AI score0.19442EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.21 views

EulerOS 2.0 SP3 : jdom (EulerOS-SA-2022-2618)

According to the versions of the jdom package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Note that...

7.5CVSS6.5AI score0.19442EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.29 views

SUSE SLES15 Security Update : jdom (SUSE-SU-2022:3547-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3547-1 advisory. - CVE-2021-33813: Fixed XXE issue in SAXBuilder can cause a denial of service via a crafted HTTP request bsc1187446. Tenable has extracted t...

7.5CVSS6.8AI score0.19442EPSS
Exploits1References4
OSV
OSV
added 2022/10/25 7:23 a.m.9 views

SUSE-SU-2022:3547-1 Security update for jdom

This update for jdom fixes the following issues: - CVE-2021-33813: Fixed XXE issue in SAXBuilder can cause a denial of service via a crafted HTTP request bsc1187446...

7.5CVSS7.3AI score0.19442EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/06 5:33 a.m.11 views

Security Bulletin: A security vulnerability has been identified in JDOM shipped with IBM Tivoli Netcool Impact (CVE-2021-33813)

Summary JDOM is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting JDOM has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By...

7.5CVSS0.8AI score0.19442EPSS
Exploits1Affected Software1
Rows per page
Query Builder