Lucene search
IBM75F163F24472BDD458A7F5DECF8D9273AFCBB87F993AD4A2EE15004737D2770EHistoryJun 15, 2018 - 7:05 a.m.
Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2015-0254)
2018-06-1507:05:52
www.ibm.com
13
0.07 Low
EPSS
Percentile
94.0%
Summary
WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.
Vulnerability Details
Please consult the security bulletin
- Security Bulletin: Vulnerability in Apache Standard Taglibs affects IBM WebSphere Application Server (CVE-2015-0254)
for vulnerability details and information about fixes.
Affected Products and Versions
-
- WebSphere Lombardi Edition V7.2.0.x
- WebSphere Process Server V6.x through V7.x
- IBM Business Process Manager V7.5.0.0 through V7.5.1.2
- IBM Business Process Manager V8.0 through V8.0.1.3
- IBM Business Process Manager V8.5.0 through V8.5.0.2
- IBM Business Process Manager V8.5.5
- IBM Business Process Manager V8.5.6 through V8.5.6.0 cumulative fix 2
- IBM Business Process Manager V8.5.7 through V8.5.7.0 cumulative fix 1
For_ earlier unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product._
Workarounds and Mitigations
None
Related
nessus
nessus
CentOS 6 / 7 : jakarta-taglibs-standard (CESA-2015:1695)
2015-10-22 00:00:00
Oracle Linux 6 / 7 : jakarta-taglibs-standard (ELSA-2015-1695)
2015-09-01 00:00:00
RHEL 5 : JBoss EAP (RHSA-2016:0121)
2016-02-08 00:00:00
openvas
openvas
CentOS Update for jakarta-taglibs-standard CESA-2015:1695 centos6
2015-09-02 00:00:00
Mageia: Security Advisory (MGASA-2015-0140)
2022-01-28 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-595)
2015-09-25 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in Apache Standard Taglibs affects IBM WebSphere Application Server (CVE-2015-0254) shipped with IBM Tivoli Netcool Performance Manager
2018-06-17 15:25:28
redhat
redhat
mageia
mageia
Updated jakarta-taglibs-standard packages fix CVE-2015-0254
2015-04-10 01:44:14
suse
suse
Security update for jakarta-taglibs-standard (important)
2017-06-27 00:11:17
Security update for jakarta-taglibs-standard (important)
2017-06-15 00:09:02
kaspersky
kaspersky
KLA10483 Code execution vulnerability in Apache Standard Taglib
2015-03-24 00:00:00
oraclelinux
oraclelinux
jakarta-taglibs-standard security update
2015-08-31 00:00:00
centos
centos
jakarta security update
2015-09-01 15:35:28
tomcat
tomcat
Fixed in Apache Standard Taglib 1.2.3
2015-02-20 00:00:00
prion
prion
Xxe
2015-03-09 14:59:00
amazon
amazon
Important: jakarta-taglibs-standard
2015-09-22 10:00:00
ubuntu
ubuntu
Apache Standard Taglibs vulnerability
2015-03-30 00:00:00
securityvulns
securityvulns
Apache taglibs security vulnerabilities
2015-03-08 00:00:00
[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags
2015-03-08 00:00:00
cvelist
cvelist
CVE-2015-0254
2015-03-09 14:00:00
nvd
nvd
CVE-2015-0254
2015-03-09 14:59:04
github
github
XXE in Apache Standard Taglibs
2020-09-14 18:44:01
cve
cve
CVE-2015-0254
2015-03-09 14:59:04
ubuntucve
ubuntucve
CVE-2015-0254
2015-03-09 00:00:00
veracode
veracode
XML External Entity (XXE) Through An XSLT Extension
2019-01-15 09:09:55
osv
osv
XXE in Apache Standard Taglibs
2020-09-14 18:44:01
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - July 2017
2018-03-20 00:00:00
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
0.07 Low
EPSS
Percentile
94.0%
Related for 75F163F24472BDD458A7F5DECF8D9273AFCBB87F993AD4A2EE15004737D2770E