8 matches found
Amazon Linux 2023 : xmlunit, xmlunit-assertj, xmlunit-core (ALAS2023-2025-1260)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1260 advisory. XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...
Important: xmlunit
Issue Overview: XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled. CVE-2024-31573 Affected Packages: xmlunit Issue Correction: Run dnf update xmlunit...
CVE-2024-31573
XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...
CVE-2024-31573
CVE-2024-31573 affects XMLUnit for Java prior to 2.10.0. In default configurations, XSLT extension functions are enabled during an XSLT transformation, which may allow code execution via an untrusted stylesheet. The vulnerability is described across multiple connected documents (including Nessus ...
OESA-2025-1968 xmlunit security update
Security Fixes: A vulnerability was found in xmlunit-core. It has been declared as problematic.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 2.10.0 eliminates this vulnerability.CVE-2024-31573...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to XMLUnit for Java arbitrary code execution vulnerability [CVE-2024-31573]
Summary Potential XMLUnit for Java arbitrary code execution vulnerability CVE-2024-31573 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to xmlunit-core-2.9.1.jar CVE-2024-31573
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to xmlunit-core-2.9.1.jar CVE-2024-31573. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-31573 DESCRIPTION: XMLUnit for Java could allow an attacker to execute...
org.xmlunit:xmlunit-legacy (>=2.0.0 <=2.0.0-alpha-04), org.xmlunit:xmlunit-matchers (>=2.0.0 <=2.0.0-alpha-04) potentially affected by CVE-2024-31573 via org.xmlunit:xmlunit-core (>=2.0.0-alpha-02 <=2.0.0)
org.xmlunit:xmlunit-core MAVEN version =2.0.0-alpha-02, =2.0.0, =2.0.0, =2.0.0-alpha-04 Source cves: CVE-2024-31573 Source advisory: OSV:GHSA-CHFM-68VV-PVW5...