321 matches found
OESA-2025-2383 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
EUVD-2013-2118
Malware in sbrugna...
EUVD-2021-2083
Malware in sbrugna...
EUVD-2019-0620
Malware in sbrugna...
EUVD-2012-4007
Malware in sbrugna...
EUVD-2013-2119
Malware in sbrugna...
EUVD-2013-2121
Malware in sbrugna...
EUVD-2013-2164
Malware in sbrugna...
EUVD-2022-5065
Malicious code in bioql PyPI...
EUVD-2022-5522
Malicious code in bioql PyPI...
EUVD-2023-2836
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-40690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the secureValidation property is not passed...
Linux Distros Unpatched Vulnerability : CVE-2023-44483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a privat...
Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities
Summary IBM Cognos Analytics is affected by vulnerabilities in IBM WebSphere Application Server Liberty and Open-Source Software OSS. Issues related to these components have been addressed by upgrading or removing the vulnerable libraries. Additionally, a cross-site scripting XSS vulnerability ha...
Linux Distros Unpatched Vulnerability : CVE-2019-12400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty Profile affect IBM Robotic Process Automation.
Summary Multiple vulnerabilities in IBM WebSphere Liberty Profile affect IBM Robotic Process Automation. IBM WebSphere Liberty Profile is used by IBM Robotic Process Automation as part of UMS and as an application server for container deployments. This bulletin identifies the security fixes to...
Security Bulletin: IBM Sterling Global High Availability Mailbox is affected by IBM WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache Santuario (CVE-2023-44483)
Summary IBM Sterling Global High Availability Mailbox is affected by a vulnerability in the Apache Santuario library used by IBM WebSphere Application Server Liberty when the wsSecurity-1.1, wsSecuritySaml-1.1 or samlWeb-2.0 feature is enabled. Vulnerability Details CVEID:CVE-2023-44483...
Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were addressed in IBM Observability with Instana in build 1.285.0 Vulnerability Details CVEID:CVE-2021-40690 DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the...
Security Bulletin: IBM B2B Sterling integrator is affected by Apache Santuario vulnerability to information disclosure
Summary IBM B2B Sterling integrator is vunerable to information disclosure due to Apache Santuario Vulnerability Details CVEID:CVE-2023-44483 DESCRIPTION: Apache Santuario could allow a remote authenticated attacker to obtain sensitive information, caused by the storage of a private key in the lo...
Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 283 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorre...