26 matches found
Unity Linux 20.1070e Security Update: quartz (UTSA-2026-016722)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016722 advisory. initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. Tenable has extracte...
Advisory ROSA-SA-2023-2272
software: quartz 2.2.1 OS: ROSA-CHROME packageevrstring: quartz-2.2.1-11.src.rpm CVE-ID: CVE-2019-13990 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler before version 2.3.0 allows XXE attacks via job description...
Terracotta Quartz Scheduler 代码注入漏洞
Terracotta Quartz Scheduler is an open source job scheduling framework. A security vulnerability exists in Terracotta Quartz Scheduler 2.3.2 and earlier versions, which stems from a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute...
SUSE CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
Updated quartz packages fix a security vulnerability
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description CVE-2019-13990...
MGASA-2021-0133 Updated quartz packages fix a security vulnerability
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description CVE-2019-13990...
libquartz: XXE attacks via job description
The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Terracotta Quartz Scheduler
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Terracotta Quartz Scheduler. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external enti...
libquartz: XXE attacks via job description
The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...
libquartz: XXE attacks via job description
The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...
libquartz: XXE attacks via job description
The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...
GHSA-9QCF-C26R-X5RF XML external entity injection in Terracotta Quartz Scheduler
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
XML external entity injection in Terracotta Quartz Scheduler
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
The vulnerability of the initDocumentParser function in the Terracotta Quartz Scheduler library, which allows a hacker to execute an XXE attack
The vulnerability of the initDocumentParser function in the Terracotta Quartz Scheduler’s task scheduling library is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute an XXE attack...
CVE-2019-13990
The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...
Terracotta Quartz Scheduler Code Issue Vulnerability
Terracotta Quartz Scheduler is an open source job scheduling framework . A code issue vulnerability exists in Terracotta Quartz Scheduler. The vulnerability stems from an improperly designed or implemented code development process for a networked system or product. An attacker can exploit this...
DEBIAN-CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
Design/Logic Flaw
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...
CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...