Showing 1 - 3 of 3

CVE-2020-26238

Status Candidate

Overview

Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. This enables attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution (RCE) vulnerability. Only projects using the @Cron annotation to validate untrusted Cron expressions are affected. This issue was patched in version 9.1.3.

Related Files

Red Hat Security Advisory 2021-3207-01: Posted Aug 18, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3207-01 - This release of Red Hat Integration - Camel Quarkus - 1.8.1 tech-preview 2 serves as a replacement for tech-preview 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, information leakage, man-in-the-middle, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2020-13920, CVE-2020-17518, CVE-2020-17521, CVE-2020-26238, CVE-2020-27222, CVE-2020-27782, CVE-2020-29582, CVE-2021-20218; SHA-256 | 45c967c8a201b1f39d4acd990e209ab0096988439ff4cec5216e3227f4f3dc4b; Download | Favorite | View

Red Hat Security Advisory 2021-3205-01: Posted Aug 18, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3205-01 - A minor version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, man-in-the-middle, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2020-13920, CVE-2020-17518, CVE-2020-17521, CVE-2020-26238, CVE-2020-27222, CVE-2020-27782, CVE-2020-28052, CVE-2020-29582, CVE-2021-20218, CVE-2021-27807, CVE-2021-27906, CVE-2021-30468, CVE-2021-31811; SHA-256 | 2c0be2bf30994c0e78e9f0282ebe4ea1c42cf7bd92b633df388b40a2dc8c649c; Download | Favorite | View

Red Hat Security Advisory 2021-1004-01: Posted Mar 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-1004-01 - This release of Red Hat build of Quarkus 1.11.6 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, information leakage, and traversal vulnerabilities.; tags | advisory, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2020-25633, CVE-2020-25724, CVE-2020-26238, CVE-2021-20218; SHA-256 | 2c5376b3068f42655130939d9c6e182f8e2756974661bce85fdc7aa0ef9c8d52; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2020-26238

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems