8 matches found
DEBIAN-CVE-2024-45236
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...
The vulnerability of the Jenkins automation server, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Jenkins automation server relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a serialized Java object called SignedObject to the Jenkins CLI...
VulnCheck KEV: CVE-2017-1000353
Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based...
OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to...
[SECURITY] [DSA 2358-1] openjdk-6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...
Debian: Security Advisory (DSA-2311-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2311-1 : openjdk-6 - several vulnerabilities
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java SE platform. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code including applets to...
OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to...