Security Updates

• Vulnerability in Tika's SQLite3Parser
  29-04-2019      affects versions : 13.0, 12.6, 11.2


• Vulnerability in Spring Security 5.1.1
  29-04-2019      affects versions : 13.0


• Open Redirector in spring-security-oauth2 (CVE-2019-3778)
  29-04-2019      affects versions : 13.0, 12.6


• Sensitive data kept in memory
  29-04-2019      affects versions : 13.0, 12.6, 11.2


• Deserialization DOS Vulnerability reported in Guava
  18-02-2019      affects versions : 12.6, 12.5, 11.2


• Vulnerabilities reported in oauth module (used via CRISP)
  18-02-2019      affects versions : 12.6, 12.5


• DoS Vulnerability in Apache PDFBox (CVE-2018-11797)
  04-12-2018      affects versions : 12.6, 12.5, 11.2, 10.2


• DoS Vulnerability in Apache Tika (CVE-2018-11796)
  04-12-2018      affects versions : 12.6, 12.5, 11.2, 10.2


• Vulnerability reported in Apache CXF (CVE-2018-8039)
  04-12-2018      affects versions : 12.6, 12.5, 11.2, 10.2


• DoS (infinite loop) vulnerability in HtmlCleaner
  04-12-2018      affects versions : 12.6, 12.5, 11.2, 10.2


• On CMS login with incorrect password the (incorrect) password is in the login form HTML
  04-12-2018      affects versions : 12.5, 12.4, 11.2, 10.2


• Session Fixation vulnerability
  31-10-2018      affects versions : 12.4, 12.3, 11.2, 10.2


• XSS vulnerability in Channel Overview via malformed channel name
  31-10-2018      affects versions : 12.5, 12.4, 11.2, 10.2


• DoS (OOM) Vulnerability in Apache PDFBox's AFMParser (CVE-2018-8036)
  31-10-2018      affects versions : 12.5, 12.4, 11.2, 10.2


• Improperly Implemented Security Check for Standard, Improper Authorization and Improper Input Validation in Spring Framework (CVE-2018-1257, CVE-2018-1258, CVE-2018-1270)
  31-10-2018      affects versions :


• XSS vulnerability through table summary in rich text field
  13-06-2018      affects versions : 12.3, 11.2, 10.2


• DoS Vulnerabilities in BPG and CHM Parsers of Apache Tika (CVE-2018-1338, CVE-2018-1339)
  07-05-2018      affects versions : 12.3, 12.2, 11.2, 10.2


• Improper Access Control vulnerability in Apache Commons FileUpload (CVE-2016-1000031)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS Vulnerability in HST MessagesReplace Tag
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple Vulnerabilities in Camunda Web Application
  26-04-2018      affects versions : 12.2


• Multiple DOS and XXE Vulnerabilities in Apache POI
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• DOS vulnerability in Apache Xerces2 (CVE-2012-0881)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple XXS and DOS vulnerabilities in Apache Wicket 6
  26-04-2018      affects versions : 11.2, 10.2


• Multiple Vulnerabilities in Apache Groovy
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple Spring Framework and Spring Security Vulnerabilities
  26-04-2018      affects versions : 12.2, 11.2, 10.2

• Previous
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• Next