12 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-39239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities XXE, including exposing the...
Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing is vulnerable to a remote attack due to Apache Jena Core
Summary BM Engineering Lifecycle Optimization - Publishing is vulnerable to a remote attack due to Apache Jena Core Vulnerability Details CVEID:CVE-2021-39239 DESCRIPTION: Apache Jena could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...
Security Bulletin: IBM Jazz Reporting Service is vulnerable to XML external entity (XXE) attacks due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0 (CVE-2021-39239)
Summary IBM Jazz Reporting Service is vulnerable to CVE-2021-39239 due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0. Apache Jena is used by IBM Jazz Reporting Service for working with RDF models. The fix disables external entity processing in calls made to the...
Security Bulletin: IBM Integration Bus is vulnerable to a remote attack due to Apache Jena (CVE-2021-39239, CVE-2022-28890, CVE-2023-22665).
Summary IBM Integration Bus is vulnerable to a remote attack due to Apache Jena CVE-2021-39239, CVE-2022-28890, CVE-2023-22665. Vulnerability Details CVEID:CVE-2023-22665 DESCRIPTION: Apache Jena could allow a remote attacker to execute arbitrary code on the system, caused by improper checking of...
Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to XML external entity (XXE) attacks due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0 (CVE-2021-39239)
Summary IBM Engineering Requirements Management DOORS Next is vulnerable to CVE-2021-39239 due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0. Apache Jena is used by IBM Engineering Requirements Management DOORS Next for working with RDF models. The fix disables...
Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)
Summary A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. Vulnerability Details...
CVE-2021-39239
creationtimestamp| type| source ---|---|--- 2021-09-16 18:22:56+00:00| seen| https://t.me/cibsecurity/28995 2024-05-14 02:35:13+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/4454...
CVE-2021-39239
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities XXE, including exposing the contents of local files to a remote server...
CVE-2021-39239
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities XXE, including exposing the contents of local files to a remote server...
CVE-2021-39239
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities XXE, including exposing the contents of local files to a remote server...
CVE-2021-39239 XML External Entity (XXE) vulnerability
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities XXE, including exposing the contents of local files to a remote server...
CVE-2021-39239
CVE-2021-39239 affects Apache Jena’s XML processing (versions up to 4.1.0) and allows XML External Entity (XXE) attacks that can read local files from a remote attacker. Connected IBM advisories confirm multiple IBM products (e.g., DOORS Next, Jazz Reporting Service, Integration Bus) include this...