Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-0254

It was found that the Java Standard Tag Library (JSTL) allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution.

Source

ALAS-2015-595

Amazon Linux AMI Security Advisory: ALAS-2015-595
Advisory Release Date: 2015-09-22 10:00 Pacific
Advisory Updated Date: 2015-09-22 10:00 Pacific

Severity: Important

References: CVE-2015-0254 RHSA-2015-1695

Issue Overview:

It was found that the Java Standard Tag Library (JSTL) allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution.

Affected Packages:

jakarta-taglibs-standard

Issue Correction:
Run yum update jakarta-taglibs-standard to update your system.

New Packages:

noarch:
    jakarta-taglibs-standard-1.1.1-11.7.9.amzn1.noarch
    jakarta-taglibs-standard-javadoc-1.1.1-11.7.9.amzn1.noarch

src:
    jakarta-taglibs-standard-1.1.1-11.7.9.amzn1.src

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2015-595

ALAS-2015-595

Vulmon Search

About

Products

Connect