Lucene search
K

406 matches found

Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-901

2.901 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS9.5AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.12 views

ROS-2-1264

2.1264 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS9.4AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-1565

2.1565 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.7AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.23 views

ROS-2-1290

2.1290 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.10 views

ROS-2-1647

2.1647 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7AI score0.0262EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/07/05 12:0 a.m.17 views

Fedora: Security Advisory for apache-ivy (FEDORA-2023-35f775fd6e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.01819EPSS
Exploits0References2
Fedora
Fedora
added 2023/07/04 1:34 a.m.30 views

[SECURITY] Fedora 38 Update: apache-ivy-2.5.1-3.fc38

Apache Ivy is a tool for managing recording, tracking, resolving and reporting project dependencies. It is designed as process agnostic and is not tied to any methodology or structure. while available as a standalone tool, Apache Ivy works particularly well with Apache Ant providing a number of...

9.1CVSS7AI score0.01819EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/03 11:38 a.m.75 views

Security Bulletin: Multiple vulnerabilities of Apache Ant (ant-1.7.0.jar, ant-1.8.4.jar) have affected APM JBoss, APM WebLogic and APM SAP NetWeaver Java™ Stack Agents.

Summary APM JBoss, APM WebLogic and APM SAP NetWeaver Java™ Stack Agents are vulnerable to Apache Antant-1.7.0.jar, ant-1.8.4.jar CVE-2021-36373, CVE-2020-1945, CVE-2012-2098, CVE-2020-11979, CVE-2021-36374. The fix includes ant jar upgraded to ant-1.10.13.jar. Vulnerability Details...

7.5CVSS7.2AI score0.12608EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/04/20 12:0 a.m.39 views

Oracle Application Testing Suite (Apr 2023 CPU)

The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory: - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apac...

7.5CVSS6.8AI score0.1121EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 7:41 a.m.27 views

Security Bulletin: Multiple vulnerabilities affect Apache Ant shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in Apache Ant. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By...

7.5CVSS7.5AI score0.12608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 11:43 a.m.52 views

Security Bulletin: Vulnerability in ant-1.8.1.jar affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)

Summary The ant-1.8.1.jar package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2012-2098, CVE-2020-11979, CVE-2021-36374, CVE-2021-36373, CVE-2020-1945. Vulnerability Details CVEID:CVE-2012-2098 DESCRIPTION: Apache Commons...

7.5CVSS7.2AI score0.12608EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.4 views

SUSE CVE-2020-1945

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...

4.9CVSS9.6AI score0.01793EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.6 views

SUSE CVE-2020-11979

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...

4.9CVSS9.2AI score0.08235EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.4 views

SUSE CVE-2021-36373

When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected...

5.5CVSS7.9AI score0.02511EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-4874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS7.2AI score0.01793EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/12 12:0 a.m.30 views

Oracle Enterprise Manager Ops Center UI and Other Patches (Jul 2020 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Apache Log4j. The supporte...

9.8CVSS6.8AI score0.8904EPSS
Exploits2References4
Amazon
Amazon
added 2022/12/06 12:0 a.m.35 views

Medium: ant

Issue Overview: When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats...

5.5CVSS6.4AI score0.0262EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/11/17 12:0 a.m.56 views

SUSE SLES12: ant / ant-antlr / ant-apache-bcel / ant-apache-bsf / etc (SUSE-SU-2022:4022-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4022-1 advisory. - CVE-2020-1945: Fixed insecure temporary file vulnerability bsc1171696. - CVE-2020-11979: Fixed issue introduced with fix for...

7.5CVSS6.8AI score0.08235EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 9:53 p.m.53 views

Security Bulletin: Multiple vulnerabilities in Apache Ant affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in Apache Ant used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By...

5.5CVSS6.2AI score0.12608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/29 1:7 p.m.49 views

Security Bulletin: Multiple Vulnerabilities may affect Apache Ant used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary Multiple Vulnerabilities found in Apache Ant used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a...

5.5CVSS6.2AI score0.0262EPSS
Exploits0Affected Software1
Rows per page
Query Builder