what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2018-1000632

Status Candidate

Overview

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.

Related Files

Ubuntu Security Notice USN-4619-1
Posted Nov 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4619-1 - Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000632
SHA-256 | 8811267ce4069d8fe5cf28d9c899a4bbd6040492be72350f1903c43c1d710157
Red Hat Security Advisory 2020-3192-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-4970, CVE-2018-1000632, CVE-2018-11797, CVE-2018-12541, CVE-2018-3831, CVE-2019-0231, CVE-2019-10086, CVE-2019-10172, CVE-2019-12086, CVE-2019-12400, CVE-2019-14540, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-3797, CVE-2019-9511, CVE-2019-9827, CVE-2020-10672
SHA-256 | 7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Red Hat Security Advisory 2019-3172-01
Posted Oct 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3172-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

tags | advisory, remote, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-16470, CVE-2019-10198, CVE-2019-14825
SHA-256 | 0d1a7f3e91df6df87aebdd58b89f12efd814a2be22f9232bceca09c5693fa8c4
Red Hat Security Advisory 2019-1162-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1162-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | c7d1940fd728b415f110e72909845b2271eb585cf3fe1c0022cb42c5baba4e0e
Red Hat Security Advisory 2019-1160-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1160-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 3a5c07b7f4dc0c1d0e83e80c108f16d7d04eb6c1b01ece3a5004980feb6ad6a1
Red Hat Security Advisory 2019-1161-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1161-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | de8411e9560c197b8de7528b762568e5f5c3aa978f3a5f13cf46e86c2003548d
Red Hat Security Advisory 2019-1159-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1159-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 53067ef42952a1e99d1aba18ee49ae76fe735209c653df2c3a7195c682804794
Red Hat Security Advisory 2019-0364-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0364-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | a228d9418494e5a5cd97d703c55108239e82d26c2deebf111ebb52fd2adf1aec
Red Hat Security Advisory 2019-0362-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0362-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 09b757ecbeea503e2e2dd6f7ac771af07bbaed81be2e458c03e54c8290188e5d
Red Hat Security Advisory 2019-0380-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0380-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.6 serves as a replacement for Red Hat Single Sign-On 7.2.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 32aad9996df6400db8adadb3fa8c9c6302bbd9bc31c388eac459b86318d6202a
Red Hat Security Advisory 2019-0365-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0365-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 6e0db3fe2f3f38836bb6573608efad79fe56089340c18ecdc05321a13b97597d
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close