Download
| Alert*
oval:org.secpod.oval:def:203183
xerces-j2 is installed oval:org.secpod.oval:def:89044678 xerces-j2 was updated to fix several issues. This security issue was fixed: - bsc#814241: Prevent possible DoS through very long attribute names This non-security issue was fixed: - Prevent StackOverflowError when applying a pattern restriction on long strings while trying to validate an XML file ag ... oval:org.secpod.oval:def:89044615 xerces-j2 was updated to fix several issues. This security issue was fixed: - bsc#814241: Prevent possible DoS through very long attribute names This non-security issue was fixed: - Prevent StackOverflowError when applying a pattern restriction on long strings while trying to validate an XML file ag ... oval:org.secpod.oval:def:1506172 apache-commons-collections apache-commons-net [3.6-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [3.6-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [3.6-1] - Update to upstream version 3.6 jss [4.9.4-1] - Rebase to JSS 4.9.4 - Bug 2013674 - JSS canno ... oval:org.secpod.oval:def:507274 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * pki-core: access to external entities when parsing XML can lead to XXE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other ... oval:org.secpod.oval:def:89046090 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:89046055 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:89047364 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:89046078 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:3300890 SUSE Security Update: Security update for xerces-j2 oval:org.secpod.oval:def:89046025 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:3300385 SUSE Security Update: Security update for xerces-j2 oval:org.secpod.oval:def:2501016 The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. oval:org.secpod.oval:def:73606 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class For more details about the security issue, including the impact, a CVSS score, acknowledgm ... oval:org.secpod.oval:def:1505209 apache-commons-collections jss [4.8.1-2] - Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error [4.8.1-1] - Rebase to upstream JSS v4.8.1 - Red Hat Bugilla #1908541 - jss broke SCEP - missing PasswordChallenge class - Red Hat Bugilla #1489256 - [RFE] jss should support RSA wi ... oval:org.secpod.oval:def:2500485 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. oval:org.secpod.oval:def:1505303 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1500736 Updated xerces-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:1500739 Updated xerces-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:501400 Apache Xerces for Java is a high performance, standards compliant, validating XML parser written in Java. The xerces-j2 packages provide Xerces-J version 2. A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specia ... oval:org.secpod.oval:def:203446 Apache Xerces for Java is a high performance, standards compliant, validating XML parser written in Java. The xerces-j2 packages provide Xerces-J version 2. A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specia ... oval:org.secpod.oval:def:203444 Apache Xerces for Java is a high performance, standards compliant, validating XML parser written in Java. The xerces-j2 packages provide Xerces-J version 2. A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specia ... oval:org.secpod.oval:def:1600151 A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessiv ... oval:org.secpod.oval:def:107480 Welcome to the future! Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface , a complete framework for building parser components and configurations that is extremely modular and ... oval:org.secpod.oval:def:107481 Welcome to the future! Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface , a complete framework for building parser components and configurations that is extremely modular and ... oval:org.secpod.oval:def:2501013 The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. oval:org.secpod.oval:def:202211 The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A rem ... oval:org.secpod.oval:def:500595 The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A rem ... oval:org.secpod.oval:def:500062 The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A rem ... oval:org.secpod.oval:def:202149 The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A rem ... oval:org.secpod.oval:def:1503204 Updated xerces-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ... oval:org.secpod.oval:def:2500199 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. oval:org.secpod.oval:def:68019 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:504689 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:2500205 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. oval:org.secpod.oval:def:1505309 The advisory is missing the security advisory description. For more information please visit the reference link |