Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: quartz (UTSA-2026-016722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016722 advisory. initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. Tenable has extracte...

9.8CVSS6.8AI score0.162EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2023/10/22 6:16 a.m.45 views

Advisory ROSA-SA-2023-2272

software: quartz 2.2.1 OS: ROSA-CHROME packageevrstring: quartz-2.2.1-11.src.rpm CVE-ID: CVE-2019-13990 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler before version 2.3.0 allows XXE attacks via job description...

9.8CVSS6.8AI score0.162EPSS
Exploits0
CNNVD
CNNVD
added 2023/07/28 12:0 a.m.6 views

Terracotta Quartz Scheduler 代码注入漏洞

Terracotta Quartz Scheduler is an open source job scheduling framework. A security vulnerability exists in Terracotta Quartz Scheduler 2.3.2 and earlier versions, which stems from a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute...

9.8CVSS7.2AI score0.01017EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.3 views

SUSE CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

5CVSS7AI score0.162EPSS
Exploits0References5
Mageia
Mageia
added 2021/03/14 9:20 p.m.139 views

Updated quartz packages fix a security vulnerability

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description CVE-2019-13990...

9.8CVSS4.4AI score0.162EPSS
Exploits0References2
OSV
OSV
added 2021/03/14 9:20 p.m.15 views

MGASA-2021-0133 Updated quartz packages fix a security vulnerability

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description CVE-2019-13990...

9.8CVSS9.3AI score0.162EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.4 views

libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

9.8CVSS7AI score0.162EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/29 8:57 a.m.36 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Terracotta Quartz Scheduler

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Terracotta Quartz Scheduler. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external enti...

9.8CVSS1.6AI score0.162EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/08/04 2:2 p.m.4 views

libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

9.8CVSS7AI score0.162EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.6 views

libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

9.8CVSS7AI score0.162EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.4 views

libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

9.8CVSS7AI score0.162EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2020/07/01 5:55 p.m.153 views

XML external entity injection in Terracotta Quartz Scheduler

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS5.3AI score0.162EPSS
Exploits0References30Affected Software1
OSV
OSV
added 2020/07/01 5:55 p.m.3 views

GHSA-9QCF-C26R-X5RF XML external entity injection in Terracotta Quartz Scheduler

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS6.8AI score0.162EPSS
Exploits0References30
BDU FSTEC
BDU FSTEC
added 2020/05/15 12:0 a.m.5 views

The vulnerability of the initDocumentParser function in the Terracotta Quartz Scheduler library, which allows a hacker to execute an XXE attack

The vulnerability of the initDocumentParser function in the Terracotta Quartz Scheduler’s task scheduling library is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute an XXE attack...

10CVSS7AI score0.162EPSS
Exploits0References9Affected Software21
RedhatCVE
RedhatCVE
added 2020/02/10 11:44 a.m.74 views

CVE-2019-13990

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

9.8CVSS9.3AI score0.162EPSS
Exploits0References3
CNVD
CNVD
added 2019/07/29 12:0 a.m.3 views

Terracotta Quartz Scheduler Code Issue Vulnerability

Terracotta Quartz Scheduler is an open source job scheduling framework . A code issue vulnerability exists in Terracotta Quartz Scheduler. The vulnerability stems from an improperly designed or implemented code development process for a networked system or product. An attacker can exploit this...

9.8CVSS9.2AI score0.162EPSS
Exploits0References1
OSV
OSV
added 2019/07/26 7:15 p.m.35 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS6.6AI score0.162EPSS
Exploits0References17
OSV
OSV
added 2019/07/26 7:15 p.m.2 views

DEBIAN-CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS7.1AI score0.162EPSS
Exploits0References1
Prion
Prion
added 2019/07/26 7:15 p.m.27 views

Design/Logic Flaw

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

7.5CVSS9.1AI score0.162EPSS
Exploits0References17Affected Software29
UbuntuCve
UbuntuCve
added 2019/07/26 7:15 p.m.52 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS6.8AI score0.162EPSS
Exploits0References2
Rows per page
Query Builder