17 matches found
Oracle WebCenter Sites (Apr 2022 CPU)
The 12.2.1.3.0 and 12.2.1.4.0 versions of WebCenter Sites installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites Cryptacular...
JFrog Artifactory < 6.23.1 Multiple Vulnerabilities
According to its self-reported version number, the version of JFrog Artifactory installed on the remote machine is prior to 6.23.1. It is, therefore, affected by multiple vulnerabilities: - CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to...
Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update
A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2512)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2511)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2511 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2513)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2513 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
be.kuleuven.ccis.util:jwt (=1.0.0), com.buession.cas:buession-cas-core (=1.1.0) +417 more potentially affected by CVE-2020-7226 via org.cryptacular:cryptacular (>=1.2.0 <=1.2.3)
org.cryptacular:cryptacular MAVEN version =1.2.0, =0.8, =0.10, =0.10, =0.10, =0.8, =0.8, =0.8, =0.9, =0.9.4 and more Source cves: CVE-2020-7226 Source advisory: OSV:GHSA-X64G-4XX9-FH6X...
br.com.absoftware.gerabook:gerabook (>=1.1 <=1.2), cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE) +477 more potentially affected by CVE-2020-7226 via org.cryptacular:cryptacular (>=1.0 <=1.1.3)
org.cryptacular:cryptacular MAVEN version =1.0, =1.1, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =1.4.0.0, =0.7.0.1, =1.0.0, =3.0.0, =5.0.0, =2.2.4, =2.2.4, =2.2.4, =2.3.19 - com.exacttarget:fuelsdk =1.1.0 and more Source cves: CVE-2020-7226 Source advisory:...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 (RHSA-2020:2060)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2060 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.8 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 7 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
CVE-2020-7226
Technical details for CVE-2020-7226 are not provided in the connected documents. The initial description notes memory exhaustion in Cryptacular’s CiphertextHeader during decode, but no version/vendor specifics beyond Cryptacular 1.2.3. Monitor for updates.
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...