8 matches found
Improper Restriction of XML External Entity Reference in Apace Derby
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
GHSA-WR69-G62G-2R9H Improper Restriction of XML External Entity Reference in Apace Derby
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
Updated derby packages fix security vulnerability
Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
DEBIAN-CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
CVE-2015-1832 is an XXE vulnerability in the XmlVTI/XML datatype handling of Derby’s SqlXmlUtil, present in Apache Derby before 10.12.1.1 and exploitable when a Java Security Manager is not in place. Context-dependent attackers could read arbitrary files or cause resource exhaustion (DOS) via Xml...