Showing 1 - 3 of 3

CVE-2018-1131

Status Candidate

Overview

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks. Versions 9.0.3.Final, 9.1.7.Final, 8.2.10.Final, 9.2.2.Final, 9.3.0.Alpha1 are believed to be affected.

Related Files

Red Hat Security Advisory 2019-3892-01: Posted Nov 15, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2017-15095, CVE-2017-17485, CVE-2018-1000850, CVE-2018-11307, CVE-2018-1131, CVE-2018-11775, CVE-2018-11796, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8009, CVE-2018-8034, CVE-2019-0201, CVE-2019-0204, CVE-2019-10173, CVE-2019-14860, CVE-2019-16869, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518; SHA-256 | d033b077fbe5857e973c9773a4c3ebbcdddde8391b77c6d861aa36baf37bde9f; Download | Favorite | View

Red Hat Security Advisory 2018-1833-01: Posted Jun 12, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1833-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid based on Infinispan. This release of Red Hat JBoss Data Grid 7.2.1 serves as a replacement for Red Hat JBoss Data Grid 7.2.0 and includes bug fixes and enhancements. You can find a link to the Release Notes that describe these bug fixes and enhancements in the References section of this erratum. Issues addressed include a deserialization vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-1131; SHA-256 | 1e71d8bd747ccfad3ae2469493515df42c52ac5f89ae068b5699fe6c52b5f5b1; Download | Favorite | View

mySCADA myPRO 7 Hardcoded Credentials: Posted May 20, 2018; Authored by Emre OVUNC; mySCADA myPRO version 7 has a hardcoded FTP username and password.; tags | exploit; advisories | CVE-2018-11311; SHA-256 | 553ae392f5c1f157db4b69372afc77301a62e865943eaa79df04791cb4a37e73; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2018-1131

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems