Ubuntu Security Notice 4943-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. Various other issues were also addressed.
a565fe2178a44c21cfecd0d125585112Red Hat Security Advisory 2021-0433-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.1.1 serves as a replacement for Red Hat Data Grid 8.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and memory leak vulnerabilities.
de26065685b4363a7b525326ab2cae3bRed Hat Security Advisory 2021-0384-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. Issues addressed include bypass, code execution, and deserialization vulnerabilities.
f6b225727d9a2d5b8600a077b541de2eUbuntu Security Notice 4714-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. Various other issues were also addressed.
3cdeed73f8b46410b7481e928cd50ec1Red Hat Security Advisory 2021-0162-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Issues addressed include code execution and deserialization vulnerabilities.
d9296480dea43fdb2055da43de4742beRed Hat Security Advisory 2021-0106-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.1 serves as an update to Red Hat Decision Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
00cac4a6608b0577aae4612828d12d01Red Hat Security Advisory 2021-0105-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.1 serves as an update to Red Hat Process Automation Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
d181ff8a0b578471ad111710d32accbd
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed