11 matches found
EUVD-2020-0251
Malware in sbrugna...
Debian DLA-2099-1 : checkstyle security update
Security researchers from Snyk discovered that the fix for CVE-2019-9658 was incomplete. Checkstyle, a development tool to help programmers write Java code that adheres to a coding standard, was still vulnerable to XML External Entity XXE injection. For Debian 8 'Jessie', this problem has been...
Debian: Security Advisory (DLA-2099-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658...
CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658...
Xxe
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658...
CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658...
CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658...
[SECURITY] [DLA 1768-1] checkstyle security update
Package : checkstyle Version : 5.9-1+deb8u1 CVE ID : CVE-2019-9658 checkstyle was loading external DTDs by default, which is now disabled by default. If needed it can be re-enabled by setting the system property checkstyle.enableExternalDtdLoad to true. For Debian 8 "Jessie", this problem has bee...
CVE-2019-9658
Checkstyle before 8.18 loads external DTDs by default...
CVE-2019-9658
CVE-2019-9658 affects Checkstyle (com.puppycrawl.tools:checkstyle). Multiple connected sources confirm that versions prior to 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. The root cause is an incomplete/partial mitigation in the earlier fi...