what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2019-12400

Status Candidate

Overview

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.

Related Files

Red Hat Security Advisory 2020-3192-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-4970, CVE-2018-1000632, CVE-2018-11797, CVE-2018-12541, CVE-2018-3831, CVE-2019-0231, CVE-2019-10086, CVE-2019-10172, CVE-2019-12086, CVE-2019-12400, CVE-2019-14540, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-3797, CVE-2019-9511, CVE-2019-9827, CVE-2020-10672
SHA-256 | 7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Red Hat Security Advisory 2020-2067-01
Posted May 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-10199, CVE-2019-10201, CVE-2019-10219, CVE-2019-12400, CVE-2019-12406, CVE-2019-12419, CVE-2019-14540, CVE-2019-14820, CVE-2019-14832, CVE-2019-14838, CVE-2019-14887, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-20330, CVE-2019-3875, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514
SHA-256 | 4f6b06242c907c4bb9882a9c0dd20ae51f06eb541c38e1084bc175618d6a5cbd
Red Hat Security Advisory 2020-0951-01
Posted Mar 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0951-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14885, CVE-2019-14887, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2020-1744, CVE-2020-7238
SHA-256 | 34dac8ae636745443cf5f4c204f5fc6505f448e11d7503980ae0dac5662c15cf
Red Hat Security Advisory 2020-0804-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0804-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read and HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
SHA-256 | 38f8c8af4ba50c7e0be81c9c2e85755146bedbb15f38c6a4b654caf2975f6a05
Red Hat Security Advisory 2020-0805-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0805-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read and HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
SHA-256 | 413da814d98d1956bc538ff7b729936c0bbde62fdc992b8e1a3c16b77847a3e0
Red Hat Security Advisory 2020-0806-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0806-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
SHA-256 | 6d80cde473c1888acc3a5a6d12d190e079a6f4830559f4cf1e8dd913037abea1
Red Hat Security Advisory 2020-0811-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0811-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
SHA-256 | 364306a4d24df896f45dc0d649d91e393c57d4ed0cb42ac9fc83fb92fed5e29b
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close