exploitDog

SUSE-SU-2021:2293-1

Опубликовано: 12 июл. 2021

Источник: suse-cvrf

Описание

Security update for jdom2

This update for jdom2 fixes the following issues:

CVE-2021-33813: XXE issue in SAXBuilder can cause a denial of service via a crafted HTTP request (bsc#1187446)

Список пакетов

SUSE Linux Enterprise Module for Development Tools 15 SP2

jdom2-2.0.6-3.3.1

SUSE Linux Enterprise Module for Development Tools 15 SP3

jdom2-2.0.6-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20212293-1/
Link for SUSE-SU-2021:2293-1
https://lists.suse.com/pipermail/sle-security-updates/2021-July/009125.html
E-Mail link for SUSE-SU-2021:2293-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187446
SUSE Bug 1187446
https://www.suse.com/security/cve/CVE-2021-33813/
SUSE CVE CVE-2021-33813 page

Описание

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

Затронутые продукты

SUSE Linux Enterprise Module for Development Tools 15 SP2:jdom2-2.0.6-3.3.1

SUSE Linux Enterprise Module for Development Tools 15 SP3:jdom2-2.0.6-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-33813.html
CVE-2021-33813
https://bugzilla.suse.com/1187446
SUSE Bug 1187446