25 matches found
MiracleLinux 4 : jakarta-taglibs-standard-1.1.1-11.7.0.1.AXS4 (AXSA:2015-477:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-477:01 advisory. This package contains Jakarta Taglibs's open-source implementation of the JSP Standard Tag Library JSTL, version 1.1. JSTL is a standard under the Java...
RHSA-2015:1695 Red Hat Security Advisory: jakarta-taglibs-standard security update
Bulletin has no description...
Mageia: Security Advisory (MGASA-2015-0140)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1701-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1568-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2017:1701-1 Security update for jakarta-taglibs-standard
This update for jakarta-taglibs-standard fixes the following issues: - CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 x:parse or 2 x:transform JSTL XML tag. bsc920813...
SUSE-SU-2017:1568-1 Security update for jakarta-taglibs-standard
This update for jakarta-taglibs-standard fixes the following issues: - CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 x:parse or 2 x:transform JSTL XML tag. bsc920813...
jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
It was found that the Java Standard Tag Library JSTL allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution...
CentOS 6 / 7 : jakarta-taglibs-standard (CESA-2015:1695)
Updated jakarta-taglibs-standard packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
openSUSE Security Update : jakarta-taglibs-standard (openSUSE-2015-658)
jakarta-taglibs-standard was updated to fix one security issue. This security issue was fixed : - CVE-2015-0254: Apache Standard Taglibs before 1.2.3 allowed remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension bsc920813. %NASLMINLEVEL...
Oracle: Security Advisory (ELSA-2015-1695)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2015-595)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : jakarta-taglibs-standard (ALAS-2015-595)
It was found that the Java Standard Tag Library JSTL allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution. C Tenable Network Security, Inc. The descriptive text...
Important: jakarta-taglibs-standard
Issue Overview: It was found that the Java Standard Tag Library JSTL allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution. Affected Packages:...
CentOS Update for jakarta-taglibs-standard CESA-2015:1695 centos6
Check the version of jakarta-taglibs-standard SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for jakarta-taglibs-standard CESA-2015:1695 centos7
Check the version of jakarta-taglibs-standard SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
jakarta security update
CentOS Errata and Security Advisory CESA-2015:1695 Updated jakarta-taglibs-standard packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring Syste...
RHEL 6 / 7 : jakarta-taglibs-standard (RHSA-2015:1695)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1695 advisory. jakarta-taglibs-standard is the Java Standard Tag Library JSTL. This library is used in conjunction with Tomcat and Java Server Pages JSP. It was...
Oracle Linux 6 / 7 : jakarta-taglibs-standard (ELSA-2015-1695)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1695 advisory. - Resolves: CVE-2015-0254 - Apply correction for previous CVE-2015-0254 patch prevent XXE in - Resolves: CVE-2015-0254 Tenable has extracted the preceding...
RedHat Update for jakarta-taglibs-standard RHSA-2015:1695-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...