|
|
Log in / Subscribe / Register

derby: information leak

Package(s):derby CVE #(s):CVE-2015-1832
Created:October 14, 2016 Updated:November 18, 2016
Description: From the openSUSE bug report:

Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.

Alerts:
openSUSE openSUSE-SU-2016:2535-1 derby 2016-10-14
Mageia MGASA-2016-0385 derby 2016-11-18
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds