CVE-2020-10693

Published: 06/05/2020 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.

Vulnerable Product

redhat hibernate validator 7.0.0

redhat hibernate validator

ibm websphere application server

redhat jboss_enterprise_application_platform 7.2.0

redhat jboss_enterprise_application_platform 7.3.0

redhat satellite capsule 6.8

redhat satellite 6.8

quarkus quarkus

oracle weblogic server 14.1.1.0.0

Vendor Advisories

Debian Bug report logs - #988946: CVE-2020-10693. Package: libhibernate-validator-java; Maintainer for libhibernate-validator-java is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Source for libhibernate-validator-java is src:libhibernate-validator-java (PTS, buildd, popcon). Reported by: Moritz Muehle ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 729 on RHEL 7 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 729 on RHEL 8 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as ...
Synopsis: Moderate: Red Hat Process Automation Manager 790 security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...
Synopsis: Important: Red Hat build of Quarkus 175 release and security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 732 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 73. Red Hat Product Security has rated this update as having a security impact of Important. A ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 732 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 73 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 732 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 73 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 729 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 72. Red Hat Product Security has rated this update as having a security impact of Important. A ...
Synopsis: Important: Red Hat Single Sign-On 742 security update. Type/Severity: Security Advisory: Important. Topic: A security update is now available for Red Hat Single Sign-On 74 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis: Important: Red Hat build of Thorntail 271 security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat build of Thorntail. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 729 on RHEL 6 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as ...
Synopsis: Important: Satellite 68 release. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat Satellite 68 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which giv ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 732 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 73 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a ...
Synopsis: Moderate: Red Hat Decision Manager 790 security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis: Important: Red Hat support for Spring Boot 226SP2 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability ...
Synopsis: Moderate: Open Liberty 200011 Runtime security update. Type/Severity: Security Advisory: Moderate. Topic: Open Liberty 200011 Runtime is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Sy ...
A vulnerability (CVE-2020-10693) exists in Cosminexus Component Container. Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products. For details about the fixed version about Cosminex ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services: CVE-2020-1714, CVE-2020-10693, CVE-2020-10740, CVE-2020-10758. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services: CVE-2019-10219, CVE-2020-10693, CVE-2020-25638, CVE-2021-28170, CVE-2022-0866, CVE-2022-1278, CVE-2022-1466, CVE-2022-2625, CVE-2022-2764, CVE-2022-23437. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...

Github Repositories

Hands-on workshop for IBM WebSphere Automation solution that optimizes your WebSphere operations for security, resiliency and performance

ThinkLab-2257: IBM WebSphere Automation Think 2021 Lab instructions. Lab Environment: Once you log in, you will see 10 VMs (virtual machines): 3 are for lab infrastructure, 3 for OCP (OpenShift) controllers, 3 for OCP workers/compute, 1 for the lab (Student VM). WebSphere Automation is pre-installed in the OCP cluster hosted on the VMs. You will be working on the Student VM o

All go clients for JFrog products

JFrog Go Client

mydependabot-exploration: This is a project that intentionally writes bad code and uses old dependencies. The goal is to experiment on how Dependabot and Dependabot Core will react to these and apply changes. Building: mvn package. Running: You should not need to run this project as it just demonstrates bad code. Release History: 001 Work i