
1178 matches found

CNNVD
added 2022/10/06 12:0 a.m., 21 views

Apache Commons JXPath Buffer Error Vulnerability

Apache Commons JXPath is a Java-based implementation of XPath 1.0 from the Apache Foundation, U.S.A. A buffer overflow vulnerability exists in Apache Commons JXPath, which is caused by a stack buffer overflow when parsing XPath. A remote attacker could exploit this vulnerability to cause a denial...

CVSS 6.5 | AI score 7.2 | EPSS 0.01188
Exploits: 0 | References: 2

Fedora
added 2022/09/24 12:16 a.m., 48 views

[SECURITY] Fedora 37 Update: python-lxml-4.9.1-1.fc37

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree API. It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more...

CVSS 7.5 | AI score 6.7 | EPSS 0.01972
Exploits: 1

OpenVAS
added 2022/09/24 12:0 a.m., 13 views

Fedora: Security Advisory for python-lxml (FEDORA-2022-ed17f59c1d)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 7.5 | AI score 7.8 | EPSS 0.01972
Exploits: 1 | References: 2

OpenVAS
added 2022/09/19 12:0 a.m., 12 views

Fedora: Security Advisory for python-lxml (FEDORA-2022-ed0eeb6a20)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 7.5 | AI score 7.8 | EPSS 0.01972
Exploits: 1 | References: 2

Fedora
added 2022/09/18 1:16 a.m., 38 views

[SECURITY] Fedora 36 Update: python-lxml-4.7.1-3.fc36

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree API. It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more. To contact the project, ...

CVSS 7.5 | AI score 6.7 | EPSS 0.01972
Exploits: 1

Openbugbounty
added 2022/09/02 3:28 a.m., 36 views

asanohoon.co.jp Cross Site Scripting vulnerability OBB-2884174

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0

OpenVAS
added 2022/08/26 12:0 a.m., 18 views

Ubuntu: Security Advisory (USN-5546-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.2 | EPSS 0.46677
Exploits: 8 | References: 2

OSV
added 2022/08/22 1:7 p.m., 4 views

CLSA-2022-1661173656 Fixed 50 CVEs in java-1.7.0-openjdk

Bump to 2.6.28 and OpenJDK 7u351-b01.
- Security fixes in 7u351:
  - CVE-2022-21540: Improve class compilation JDK-8281859
  - CVE-2022-21541: Enhance MethodHandle invocations JDK-8281866
  - CVE-2022-34169: Improve Xalan supports JDK-8285407
- Security fixes in 7u341:
  - CVE-2022-21426: Better XPath...

CVSS 8.3 | AI score 6.5 | EPSS 0.17673
Exploits: 2 | References: 1

Tenable Nessus
added 2022/08/08 12:0 a.m., 28 views

Blind XPath Injection (differential analysis)

XML Path Language (XPath) queries are used by web applications for selecting nodes from XML documents. Once selected, the value of these nodes can then be used by the application. A simple example for the use of XML documents is to store user information. As part of the authentication process, the...

AI score 7.7
Exploits: 0 | References: 2

OpenVAS
added 2022/08/05 12:0 a.m., 32 views

Ubuntu: Security Advisory (USN-5546-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.2 | EPSS 0.46677
Exploits: 8 | References: 2

Ubuntu
added 2022/08/04 5:6 p.m., 97 views

USN-5546-2: OpenJDK 8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

CVSS 7.5 | AI score 7.4 | EPSS 0.46677
Exploits: 8

OSV
added 2022/08/04 5:6 p.m., 10 views

USN-5546-2 openjdk-8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

CVSS 7.5 | AI score 7 | EPSS 0.17673
Exploits: 2 | References: 9

OpenVAS
added 2022/07/31 12:0 a.m., 9 views

Fedora: Security Advisory for golang-github-christrenkamp-goxpath (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 | References: 2

Fedora
added 2022/07/30 1:55 a.m., 14 views

[SECURITY] Fedora 36 Update: golang-github-christrenkamp-goxpath-0-0.7.20200627gitc5096ec.fc36

An XPath 1.0 implementation written in the Go programming language...

AI score 2
Exploits: 0

OpenVAS
added 2022/07/23 12:0 a.m., 26 views

openSUSE: Security Advisory for java-1_8_0-openjdk (SUSE-SU-2022:2530-1)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 7.5 | AI score 7.1 | EPSS 0.03825
Exploits: 0 | References: 2

OSV
added 2022/07/22 2:1 p.m., 8 views

SUSE-SU-2022:2530-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u332 - April 2022 CPU icedtea-3.23.0
- CVE-2022-21426: Better XPath expression handling bsc1198672
- CVE-2022-21443: Improved Object Identification bsc1198675
- CVE-2022-21434: Better invocation handler handling...

CVSS 7.5 | AI score 5.8 | EPSS 0.03825
Exploits: 0 | References: 11

Ubuntu
added 2022/07/20 10:47 a.m., 69 views

USN-5525-1: Apache XML Security for Java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

CVSS 7.5 | AI score 6.7 | EPSS 0.10448
Exploits: 0

OSV
added 2022/07/20 10:47 a.m., 4 views

USN-5525-1 libxml-security-java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

CVSS 7.5 | AI score 6.8 | EPSS 0.10448
Exploits: 0 | References: 2

Tenable Nessus
added 2022/07/18 12:0 a.m., 35 views

XPath Injection Authentication Bypass

XML Path Language (XPath) queries are used by web applications for selecting nodes from XML documents. Once selected, the value of these nodes can then be used by the application. A simple example for the use of XML documents is to store user information. As part of the authentication process, the...

AI score 7.8
Exploits: 0 | References: 2

OpenVAS
added 2022/07/18 12:0 a.m., 27 views

Fedora: Security Advisory for golang-github-christrenkamp-goxpath (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 9.3 | AI score 8.9 | EPSS 0.05994
Exploits: 4 | References: 2