31 matches found
CVE-2020-11022
CVE-2020-11022 affects jQuery versions >=1.2 and =3.5.0 or apply vendor guidance where applicable.
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2021-29425
CVE-2021-29425 affects Apache Commons IO up to version 2.6, specifically FileNameUtils.normalize. With inputs such as "//../foo" or "\..\foo", normalization can yield a value that does not escape to higher directories, potentially enabling access to the parent directory if the resulting path is u...
CVE-2020-9546
CVE-2020-9546 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interactions involving org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig can lead to deserialization issues. The IBM/Cloudera bulletin references the same CVE and lists a high impact...
CVE-2020-9548
CVE-2020-9548 affects Cloudera Data Platform Private Cloud Base (IBM) 7.1.9. It is a deserialization vulnerability in FasterXML jackson-databind 2.x up to 2.9.10.3/4 where interaction between serialization gadgets and typing (relating to br.com.anteros.dbcp.AnterosDBCPConfig) can lead to remote c...
CVE-2021-28164
CVE-2021-28164 (Jetty): Affects Jetty 9.4.37.v20210219–9.4.38.v20210224. The default compliance mode allowed URIs containing encoded dot segments (%2e, %2e%2e) to access protected WEB-INF resources (e.g., /context/%2e/WEB-INF/web.xml), exposing sensitive implementation details. Public references ...
CVE-2020-11113
CVE-2020-11113 is a deserialization vulnerability in FasterXML jackson-databind (2.x before 2.9.10.4) tied to typing gadget interactions (notably related to org.apache.openjpa.ee.WASRegistryManagedRuntime). The connected documents corroborate an exploit path via unsafe deserialization leading to ...
CVE-2021-37136
CVE-2021-37136 : The Bzip2 decompression decoder can set no limit on the decompressed output size, affecting all Bzip2Decoder users. This under- or over-allocates memory during decompression and can trigger an OutOfMemoryError, enabling DoS. Connected IBM/ASTRA entries reiterate the same descript...
CVE-2021-41164
CKEditor4 contains an Advanced Content Filter (ACF) vulnerability (CVE-2021-41164) that allows injection of malformed HTML bypassing sanitization, enabling JavaScript execution. Affected: CKEditor4
CVE-2020-10672
CVE-2020-10672 affects FasterXML jackson-databind 2.x prior to 2.9.10.4. The issue arises from deserialization gadget/typing interaction (related to org.apache. Aries transaction JMS XaPooledConnectionFactory), enabling high-severity impact on data confidentiality/integrity/availability. Connecte...
CVE-2020-14061
CVE-2020-14061 concerns Jackson Databind 2.x before 2.9.10.5, where deserialization gadgets typing interaction (including oracle.jms.AQjms* components) can be exploited. IBM and NVD references show a high-severity exposure (base scores up to 8.1–9.8) with network attack vector and partial to high...
CVE-2020-10968
CVE-2020-10968 affects FasterXML jackson-databind 2.x before 2.9.10.4. The issue arises from how serialization gadgets interact with typing, specifically related to org.aoju.bus.proxy.provider.remoting.RmiProvider (bus-proxy). The result is a deserialization vulnerability with high impact to conf...
CVE-2021-28163
CVE-2021-28163 (Jetty symlink handling) is reported across multiple IBM advisories as a vulnerability in Eclipse Jetty where if the ${jetty.base} or ${jetty.base}/webapps directory is a symlink, an attacker could obtain the contents of the webapps directory. IBM documents list affected products s...
CVE-2020-14062
CVE-2020-14062 affects jackson-databind 2.x prior to 2.9.10.5, where interaction between serialization gadgets and typing (related to JNDIConnectionPool) can lead to deserialization abuse with high impact. IBM/X-Force entries consolidate this as a 9.8/3.0 vulnerability. In the connected IBM bulle...
CVE-2020-14195
CVE-2020-14195 affects FasterXML jackson-databind 2.x before 2.9.10.5, where deserialization gadgets/typing interaction can be exploited (related to org.jsecurity JndiRealmFactory) to potentially execute code. IBM X-Force lists a base score of 9.8 with HIGH impact on confidentiality, integrity an...
CVE-2020-11111
CVE-2020-11111 involves FasterXML Jackson Databind 2.x before 2.9.10.4, where deserialization gadgets and typing interaction (related to org.apache.activemq.*) are mishandled. This can impact confidentiality, integrity and availability. Affected product is Jackson Databind 2.x prior to 2.9.10.4; ...
CVE-2020-10969
CVE-2020-10969 : Jackson Databind 2.x prior to 2.9.10.4 has a deserialization flaw caused by how serialization gadgets interact with typing (related to javax.swing.JEditorPane). This can enable deserialization of untrusted data with potential remote code execution. The issue is publicly documente...
CVE-2020-10673
CVE-2020-10673 affects FasterXML jackson-databind 2.x prior to 2.9.10.4. The IBM bulletin and the consolidated Jira/Advisory in connected docs describe a deserialization issue where interaction between serialization gadgets and typing (related to com.caucho.config.types.ResourceRef, aka caucho-qu...
CVE-2021-37137
CVE-2021-37137 involves Netty’s Snappy frame decoding where the SnappyFrameDecoder does not restrict the chunk length, enabling potential excessive memory usage. The issue can be triggered by crafted input that decompresses to a very large size (via network streams or files) or by sending a very ...
CVE-2020-14060
CVE-2020-14060 affects FasterXML jackson-databind 2.x before 2.9.10.5. The root cause is mishandling of the interaction between serialization gadgets and typing (related to JNDIConnectionPool), enabling deserialization-enabled impact on confidentiality, integrity, and availability. The IBM X-Forc...
CVE-2020-11112
CVE-2020-11112 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interaction is mishandled (related to org.apache.commons.proxy.provider.remoting.RmiProvider). This is a deserialization issue that could enable malicious payload execution; affected prod...
CVE-2021-36090
CVE-2021-36090 affects Apache Commons Compress zip handling: reading a specially crafted ZIP can allocate excessive memory, causing an out-of-memory DoS. Supported details from IBM/AWS advisories point to a fix in Commons Compress (upgrade to 1.21+; e.g., Amazon Linux advisories list apache-commo...
CVE-2019-17495
CVE-2019-17495 is a CSS injection flaw in Swagger UI prior to 3.23.11 using the Relative Path Overwrite (RPO) technique that can lead to exfiltration of sensitive data (e.g., CSRF tokens) via CSS-based input field values. Concrete details across connected docs show multiple IBM advisories referen...
CVE-2021-35515
CVE-2021-35515 is an infinite-loop denial-of-service in Apache Commons Compress when reading a crafted 7Z archive. The issue arises during the construction of the codecs list used to decompress an entry, potentially consuming unbounded CPU and impacting services that rely on the sevenz package. C...
CVE-2021-35517
CVE-2021-35517 affects Apache Commons Compress tar handling. The vulnerability, triggered by reading a specially crafted TAR archive, can cause Compress to allocate excessive memory, potentially leading to an out-of-memory condition and a denial-of-service against services using Compress’ tar pac...
CVE-2019-10219
The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...
CVE-2021-35516
CVE-2021-35516 affects Apache Commons Compress (the sevenz package). A specially crafted 7Z archive can cause the library to allocate excessive memory, ultimately causing an out-of-memory condition and a denial-of-service on services that use Compress’ sevenz component. The initial description do...
CVE-2020-11987
CVE-2020-11987 – SSRF in Apache Batik 1.13 . The initial description confirms a server-side request forgery via improper input validation in NodePickerPanel, enabling an attacker to make arbitrary GET requests from the server. Connected documents corroborate concrete remediation actions across ve...
CVE-2021-2351
CVE-2021-2351 affects Oracle Database Server’s Advanced Networking Option, with affected versions 12.1.0.2, 12.2.0.1, and 19c. The vulnerability allows unauthenticated network access via Oracle Net to compromise the Advanced Networking Option, with access requiring user interaction (UI_R) and ris...
CVE-2021-41165
CKEditor4 core HTML processing vulnerability (CVE-2021-41165) allows injection of malformed HTML comments bypassing content sanitization, potentially enabling JavaScript execution. Affected: CKEditor 4.x versions before 4.17.0 (affects all plugins). Impact: execution of arbitrary script in affect...
CVE-2019-3019
CVE-2019-3019 affects Oracle Banking Digital Experience (Loan Calculator) in Oracle Financial Services Applications. Vulnerable versions: 18.1, 18.2, 18.3, 19.1. An attacker with network access via HTTP, low privileges, and requiring user interaction can potentially modify or read Oracle Banking ...