Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-13936

A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-13936)

Source

ALAS2-2021-1690

Amazon Linux 2 Security Advisory: ALAS-2021-1690
Advisory Release Date: 2021-07-14 20:45 Pacific
Advisory Updated Date: 2021-07-15 21:38 Pacific

Severity: Important

References: CVE-2020-13936

Issue Overview:

A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-13936)

Affected Packages:

velocity

Issue Correction:
Run yum update velocity to update your system.

New Packages:

noarch:
    velocity-1.7-10.2.amzn2.noarch
    velocity-manual-1.7-10.2.amzn2.noarch
    velocity-javadoc-1.7-10.2.amzn2.noarch
    velocity-demo-1.7-10.2.amzn2.noarch

src:
    velocity-1.7-10.2.amzn2.src

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2021-1690

ALAS2-2021-1690

Vulmon Search

About

Products

Connect