EUVD-2017-16458

Malware in sbrugna...

GoCD 代码问题漏洞

GoCD is an open source continuous delivery server from GoCD. A code issue vulnerability exists in GoCD versions prior to 24.5.0 that stems from allowing abuse of the ability to edit raw XML configurations, which triggers an XML External Entity XXE injection vulnerability...

[SECURITY] Fedora 40 Update: apache-commons-digester-2.1-30.fc40

Many projects read XML configuration files to provide initialization of various Java objects within the system. There are several ways of doing this, and the Digester component was designed to provide a common implementation that can be used in many different projects...

CVE-2017-7434

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles...

Code injection

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles...

CVE-2017-7434

CVE-2017-7434 affects the NetIQ Identity Manager JDBC driver prior to 4.6. A vulnerability allows passwords to be logged in exception log files due to sending out incorrect XML configurations. Public details in the sources indicate the issue is documented in NVD and CNVD records, with no explicit...

CVE-2017-7434 NetIQ Identity Manager JDBC driver could leak passwords in exception traces

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles...