what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2020-25638

Status Candidate

Overview

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

Related Files

Red Hat Security Advisory 2021-2561-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | f3cd1db006604fa6b5ec96f64cd45152cf6b247c0b550fab1007a90fe65d5bff
Red Hat Security Advisory 2021-2562-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | 7483c97d1f9fb372e81b8472c214b78b36b64578a63172ce3a020369a769c580
Red Hat Security Advisory 2021-2039-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2039-01 - This release of Red Hat Integration - Service registry 1.1.1.GA serves as a replacement for 1.1.0.GA, and includes the below security fixes. Issues addressed include XML injection and remote SQL injection vulnerabilities.

tags | advisory, remote, registry, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-25638, CVE-2020-25649
SHA-256 | 016baf810f0fc092f71233e8a3a373f15cd931df73eb2a65bb7e42e8e6050a8a
Red Hat Security Advisory 2021-0603-01
Posted Feb 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0603-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.10.0 serves as an update to Red Hat Decision Manager 7.9.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-14338, CVE-2020-25638, CVE-2020-9488
SHA-256 | 9e5380638de7bd23fb712413abf091625b50472b11616e1726023c7df7b8c3ae
Red Hat Security Advisory 2021-0600-01
Posted Feb 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0600-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.0 serves as an update to Red Hat Process Automation Manager 7.9.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-14338, CVE-2020-25638
SHA-256 | e09b87675f93a82220260b242953bae1e915b136abaf8042cc474aa8c0b38fd6
Red Hat Security Advisory 2021-0292-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0292-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.6 serves as a replacement for Red Hat support for Spring Boot 2.3.4, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
SHA-256 | 3c53b89283c4d6ed32a97e562755fa31e592b5ddb2776f643ed96c31f31b1ea4
Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
SHA-256 | 5a8af553d669a8f417b0e9bf9c65d2e5f4d24d7c4328c679427e9e19869aca54
Red Hat Security Advisory 2020-5361-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5361-01 - This release of Red Hat build of Thorntail 2.7.2 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include XML injection, bypass, denial of service, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-14299, CVE-2020-14338, CVE-2020-14340, CVE-2020-25638, CVE-2020-25649
SHA-256 | 9e71c6b2a14aa1556e828682dbaf09622600c6b0250faa6360fd794afaaf7f80
Red Hat Security Advisory 2020-5533-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5533-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.4 serves as a replacement for Red Hat Single Sign-On 7.4.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-10695, CVE-2020-13822, CVE-2020-25638, CVE-2020-25649, CVE-2020-27826
SHA-256 | eaa87ce50be16945bab184dd40e9a5f620f97137e5c67be852549e6da2954570
Red Hat Security Advisory 2020-5342-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5342-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
SHA-256 | acbd3e14db6d09834afce1f465061e1d2d38d186b4b4b021dd8e2eabe1bfbb14
Red Hat Security Advisory 2020-5341-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5341-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
SHA-256 | 1f25f6133d8217c8b4ac927a7eab59218376028fe23c68c04f2ffa4e37fecaa8
Red Hat Security Advisory 2020-5340-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5340-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
SHA-256 | 3712a4ee80a9d53ebbdedd13d2f4fc5a4f1962a34e416dca9868e135339bb982
Red Hat Security Advisory 2020-5344-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5344-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
SHA-256 | b9621d35f7b316a7c076ea7be96f7049b75a77d2af661325878fae30aa379148
Red Hat Security Advisory 2020-5302-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5302-01 - This release of Red Hat build of Quarkus 1.7.5 SP1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | f990e12777887ddeb80da5f4820355619ec2c5c4bcb873f4644e55dd82cd1722
Red Hat Security Advisory 2020-5254-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5254-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | 1f1824342beae059c3a79c6156fcf5ae44155e9b67a2c669a42edb685ad5a28b
Red Hat Security Advisory 2020-5175-01
Posted Nov 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5175-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | 9c1c55652c66d53195789c9afc14d11980aaa07ced72c885a8df75b10eac261f
Red Hat Security Advisory 2020-5174-01
Posted Nov 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5174-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
SHA-256 | 759d07c9b9a993b9fc73710f143634f145f2bafb1612027c995ff08278e9a222
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close