Lucene search

Veracode Vulnerability DatabaseVERACODE:19805

HistoryMay 16, 2019 - 3:24 a.m.

Directory Traversal

2019-05-1603:24:18

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

58.5%

JSON

IBM Java SE is vulnerable to directory traversal vulnerability. This occurs when extracting compressed dump files since the IBM SDK does not not protect against path traversal attacks.

CPENameOperatorVersion
java-1.8.0-ibmeq1.8.0.4.1__1jpp.1.el6_8
java-1.7.1-ibmeq1.7.1.4.1__1jpp.1.el6_8
java-1.7.1-ibmeq1.7.1.3.40__1jpp.1.el6_7

Name	Operator	Version
java-1.8.0-ibm	eq	1.8.0.4.1__1jpp.1.el6_8
java-1.7.1-ibm	eq	1.7.1.4.1__1jpp.1.el6_8
java-1.7.1-ibm	eq	1.7.1.3.40__1jpp.1.el6_7

References

www.ibm.com/support/docview.wss?uid=ibm10719653

www.securityfocus.com/bid/105118

www.securitytracker.com/id/1041765

access.redhat.com/errata/RHSA-2018:2568

access.redhat.com/errata/RHSA-2018:2569

access.redhat.com/errata/RHSA-2018:2575

access.redhat.com/errata/RHSA-2018:2576

access.redhat.com/errata/RHSA-2018:2712

access.redhat.com/errata/RHSA-2018:2713

access.redhat.com/security/updates/classification/#important

exchange.xforce.ibmcloud.com/vulnerabilities/144882

www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

0.002 Low

EPSS

Percentile

58.5%

JSON

Related for VERACODE:19805