406 matches found
CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36373)
The version of ant / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36373 advisory. - When reading a specially crafted TAR archive an Apache Ant build can be made to alloca...
Vulnerabilities fixed in IBM Cognos Controller
IBM has fixed vulnerabilities in IBM Cognos Controller Versions 11.0.0 to 11.0.1 FP3 and 11.1.0. The vulnerabilities allow a malicious person to perform attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Cross-Site-Scripting XSS. - Circumvention of a security...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...
WoodWing Elvis DAM 安全漏洞
WoodWing Elvis DAM is a digital asset management solution from WoodWing, Inc. A security vulnerability exists in WoodWing Elvis DAM version 6.98.1, which stems from a Remote Command Execution RCE vulnerability that includes authentication via the Apache Ant scripting feature...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...
CVE-2024-37779
CVE-2024-37779 affects WoodWing Elvis DAM v6.98.1 and describes an authenticated remote command execution via the Apache Ant script functionality. The Red Hat/NVD/CVE entries confirm the vulnerability and context (authenticated RCE, Ant script). Connected sources note that exploitation details ar...
Security Bulletin: Potential Directory Traversal Vulnerability in Apache Ant shipped with IBM Operations Analytics - Log Analysis (CVE-2022-48285)
Summary There is a potential directory traversal vulnerability via a crafted zip in Apache Ant Vulnerability Details CVEID:CVE-2022-48285 DESCRIPTION: JSZip could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize filenames when files are loaded with...
Security Bulletin: Vulnerabilities in Apache Ant affect IBM Operations Analytics - Log Analysis (CVE-2020-11023, CVE-2020-23064, CVE-2020-11022)
Summary There are multple cross site scripting vulnerabilities in Apache Ant that effect IBM Operations Analytics - Log Analysis. These have been addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of...
Security Bulletin: IBM Analytics Content Hub is affected by security vulnerabilities
Summary Security Bulletin: IBM Analytics Content Hub is affected, but not classified as vulnerable, based on current information, to vulnerabilities in Open Source Software. IBM Analytics Content Hub has addressed the applicable CVEs by upgrading the vulnerable libraries. Vulnerability Details...
RHEL 8 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file vulnerability CVE-2020-1945 - When reading a specially crafted ZIP archive, ...
RHEL 5 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the...
RHEL 7 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - When reading a specially crafted TAR archive an Apache Ant...
ROS-2-1942
2.1942 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1356
2.1356 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1388
2.1388 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1452
2.1452 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1457
2.1457 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-2098
2.2098 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-967
2.967 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...