32 matches found
Atlassian Confluence 8.5.x < 8.5.21 / 8.6.x < 9.2.3 / 9.3.x < 9.4.0 (CONFSERVER-99547)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-99547 advisory. - A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affect...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues due to Data Mapper for Jackson
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Data Mapper for Jackson shipped with product. Vulnerability Details CVEID:CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE err...
Security Bulletin: Vulnerabilities found in jackson-mapper-asl which is shipped with IBM® Intelligent Operations Center(CVE-2019-10172, CVE-2019-10202)
Summary Multiple vulnerabilities have been identified in jackson-mapper-asl which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin: Vulnerabilities found in jackson-mapper-asl-1.9.13.jar which is shipped with IBM® Intelligent Operations Center(CVE-2019-10202, CVE-2019-10172)
Summary Multiple vulnerabilities have been identified in jackson-mapper-asl-1.9.13.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerabilit...
Security Bulletin: IBM Match 360 is vulnerable to CVE-2019-10202 and CVE-2019-10172 for jackson-mapper-asl
Summary Match 360 is vulnerable to the following CVEs: CVE-CVE-2019-10202 and CVE-2019-10172 Vulnerability Details CVEID:CVE-2019-10202 DESCRIPTION: Red Hat JBoss Enterprise Application Platform EAP could allow a remote attacker to execute arbitrary code on the system, caused by improper...
Security Bulletin: Multiple Vulnerabilities of Apache HttpClient and Jackson-mapper have affected IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines
Summary IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines is vulnerable to Apache HttpClient and jackson-mapper as described in 220912, CVE-2020-13956, CVE-2019-10202, CVE-2019-10172. The fix includes upgrading required libraries to latest version...
Security Bulletin: Multiple Vulnerabilities of Jackson-Mapper-asl have affected APM Linux KVM Agent
Summary APM Linux KVM Agent is vulnerable to Jackson-mapper-asl vulnerabilities described in CVE-2019-10202 and CVE-2019-10172. The fix includes jackson-mapper-asl-1.9.13.jar upgraded to jackson-databind-2.14.0.jar Vulnerability Details CVEID:CVE-2019-10202 DESCRIPTION: Red Hat JBoss Enterprise...
Security Bulletin: IBM Sterling Global Mailbox vulnerable to sensitive information exposure due to Jackson Data Mapper (CVE-2019-10172)
Summary Data mapper for Jackson is shipped with IBM Sterling Global Mailbox. Sensitive information exposure due to XXE error impacts Data mapper for Jackson. Remediation is available for the issues. Vulnerability Details CVEID: CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote...
Security Bulletin: Jackson Data Mapper Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-10172)
Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. By sending ...
Update atlassian-gadgets to 4.2.39 to fix CVE-2012-0881, CVE-2014-0114 and other vulnerabilities
Affected versions of Atlassian Fisheye and Crucible allow an unauthenticated remote attacker to achieve remote code execution, denial of service and XML external entities in Atlassian Gadgets. The CVEs involved were: CVE-2012-0881 CVE-2019-10172 CVE-2018-1000632 CVE-2016-1000031 CVE-2014-0114...
Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 20 security update
This is a security update for JBoss EAP Continuous Delivery 20. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Debian: Security Advisory (DLA-2342-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2342-1 : libjackson-json-java security update
Several vulnerabilities were fixed in libjackson-json-java, a Java JSON processor. CVE-2017-7525 Jackson Deserializer security vulnerability. CVE-2017-15095 Block more JDK types from polymorphic deserialization. CVE-2019-10172 XML external entity vulnerabilities. For Debian 9 stretch, these...
[SECURITY] [DLA 2342-1] libjackson-json-java security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2342-1 [email protected] https://www.debian.org/lts/security/ August 24, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2511)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2511 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2513)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2513 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2512)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...