exploitDog

CVE-2021-33813

Published: 16 Jun 2021
Source: debian

Description

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

Packages

| Package | Status | Fix version | Release | Type |
|---|---|---|---|---|
| libjdom2-intellij-java | unfixed | | | package |
| libjdom2-intellij-java | ignored | | trixie | package |
| libjdom2-intellij-java | ignored | | bookworm | package |
| libjdom2-intellij-java | no-dsa | | bullseye | package |
| libjdom2-intellij-java | no-dsa | | buster | package |
| libjdom2-java | fixed | 2.0.6-2.1 | | package |
| libjdom2-java | no-dsa | | buster | package |
| libjdom1-java | fixed | 1.1.3-2.1 | | package |
| libjdom1-java | no-dsa | | buster | package |

Notes

  • https://github.com/hunterhacker/jdom/pull/188

  • https://alephsecurity.com/vulns/aleph-2021003

  • Fixed by: https://github.com/hunterhacker/jdom/commit/bd3ab78370098491911d7fe9d7a43b97144a234e

  • Possible regression impact: https://github.com/hunterhacker/jdom/pull/188#issuecomment-872685011

  • Improved regression with: https://github.com/hunterhacker/jdom/commit/dd4f3c2fc7893edd914954c73eb577f925a7d361

  • https://github.com/hunterhacker/jdom/commit/07f316957b59d305f04c7bdb26292852bcbc2eb5

Related vulnerabilities

CVSS3: 7.5
ubuntu
about 4 years ago

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

CVSS3: 7.5
redhat
about 4 years ago

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

CVSS3: 7.5
nvd
about 4 years ago

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

suse-cvrf
about 4 years ago

Security update for jdom2

suse-cvrf
about 4 years ago

Security update for jdom2