8 matches found
Security Bulletin: Multiple Vulnerabilities in Jackson Core affect IBM Maximo Asset Management
Summary Multiple Vulnerabilities in Jackson Core affect IBM Maximo Asset Management Vulnerability Details CVEID: CVE-2016-7051 DESCRIPTION: jackson-dataformat-xml is vulnerable to server-side request forgery, caused by a flaw in the XmlMapper. By using vectors related to a DTD, an attacker could...
Fedora Update for bouncycastle FEDORA-2019-df57551f6d
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for eclipse-linuxtools FEDORA-2019-df57551f6d
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)
Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable...
aero.loretta:sdk-api-client (>=1.0.0 <=1.0.3), ai.entrolution:thylacine_2.13 (>=0.11.0 <=0.16.0) +10056 more potentially affected by CVE-2016-7051 via com.fasterxml.jackson.dataformat:jackson-dataformat-xml (>=2.0.0-RC2 <=2.7.7)
com.fasterxml.jackson.dataformat:jackson-dataformat-xml MAVEN version =2.0.0-RC2, =1.0.0, =0.11.0, =0.13.0, =1.0.0, =0.5.1, =0.5.1, =0.5.1, =0.7.0, =0.6.1, =0.6.1, =0.7.0, =0.6.1, =0.6.1, =0.6.1, =0.6.1, =0.10.0 and more Source cves: CVE-2016-7051 Source advisory: OSV:GHSA-7C2R-3JQF-C9RW...
CVE-2016-7051
XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...
CVE-2016-7051
XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...
CVE-2016-7051
XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...