31 matches found
Security Bulletin: Hibernate Hibernate Validator could allow a remote attacker to bypass security restriction which affects watsonx.data
Summary Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message interpolation processor, which may impact watsonx.data. Vulnerability Details CVEID:CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote...
Security Bulletin: Vulnerability in Hibernate Validator affects Liberty for Java for IBM Cloud (CVE-2020-10693)
Summary There is a vulnerability in the Hibernate Validator library used by WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message...
Security Bulletin: Due to use of Hibernate Validator version 6.1.2.Final IBM Tivoli Network Manager is vulnerable which allows attackers to bypass input sanitation (escaping, stripping) controls(CVE-2020-10693, CVE-2019-10219).
Summary A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation escaping, stripping controls that developers may have put i...
Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Application Server Affect IBM Sterling B2B Integrator
Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2020-4590 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of...
ai.grakn.kgms:client (=1.4.3), ai.grakn:client-java (>=1.4.1 <=1.4.3) +9502 more potentially affected by CVE-2020-10693 via org.hibernate:hibernate-validator (>=3.0.0.GA <=6.0.1.Final)
org.hibernate:hibernate-validator MAVEN version =3.0.0.GA, =1.4.1, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =1.4.1, =0.13.0, =0.13.0, =0.14.0 and more Source cves: CVE-2020-10693 Source advisory: OSV:GHSA-RMRM-75HP-PHR2...
ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.dstack:server-base-local (>=0.0.12 <=0.1.15) +7224 more potentially affected by CVE-2020-10693 via org.hibernate.validator:hibernate-validator (>=6.0.0.Alpha1 <=6.0.1.Final)
org.hibernate.validator:hibernate-validator MAVEN version =6.0.0.Alpha1, =4.4.0.0, =0.0.12, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =2.1.0, =j11.2.2.0 and more Source cves: CVE-2020-10693 Source advisory:...
be.objectify:deadbolt-java_2.12 (=2.8.0), be.objectify:deadbolt-java_2.13 (=2.8.0) +871 more potentially affected by CVE-2020-10693 via org.hibernate.validator:hibernate-validator (>=6.1.0.Final <=6.1.4.Final)
org.hibernate.validator:hibernate-validator MAVEN version =6.1.0.Final, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.1.0 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-test-utilities =5.1.0 - cn.chenzw.toolkit:toolkit =1.0.3-a and more Source cves: CVE-2020-10693...
Security Bulletin: Rational Asset Analyzer is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2020-10693)
Summary Rational Asset Analyzer team has addressed the following vulnerability: CVE-2020-10693. Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message interpolation...
Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Z Development and Test Environment - Jan 2021
Summary There is a vulnerability in WebSphere Application Server Liberty that is used by IBM Z Development and Test Environment. The issue affects WebSphere Application Server Liberty 17.0.0.3 - 20.0.0.10 using the beanValidation-2.0 feature. Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTIO...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-10693)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability affects the Hibernate Validator library used by WebSphere Application Server Liberty. If exploited an attacker could bypass input sanitation...
Security Bulletin: Websphere Hibernate Validator Vulnerability Affects IBM Control Center (CVE-2020-10693)
Summary Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message interpolation processor. Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions,...
Security Bulletin: IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2020-10693)
Summary IBM Cloud Transformation Advisor has addressed the following vulnerability: CVE-2020-10693 Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message interpolation...
Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Application Server affects IBM Voice Gateway
Summary Multiple security vulnerabilities in IBM WebSphere Application Server affect certain IBM Voice Gateway microservices. CVE-2020-4590 impacts the beta version, OpenID Provider microservice and CVE-2020-10693 impacts the Voice Agent Tester microservice. Vulnerability Details CVEID:...
Security Bulletin: Novalink is impacted by Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693)
Summary Novalink uses WebSphere Application Server Liberty. There is a Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security...
(RHSA-2020:4344) Moderate: Open Liberty 20.0.0.11 Runtime security update
Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.11 serves as a replacement for Open Liberty 20.0.0.10 and includes enhancements. For specific information about this release, see links in the Referenc...
Security Bulletin: Vulnerabilities in WebSphere Application Liberty as patternType affect IBM Cloud Pak System
Summary Vulnerabilities have been identified in special features of IBM WebSphere Application Server Liberty as pattern Type or pType component shipped with IBM Cloud Pak System. Information has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in...
Security Bulletin: Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty bundled with IBM WebSphere Application Server Patterns (CVE-2020-10693)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...
Security Bulletin: Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693)
Summary There is a vulnerability in the Hibernate Validator library used by WebSphere Application Server Liberty. This has been addressed. Vulnerability Details CVEID: CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused b...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 1.7.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6.SP2 security update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...