漏洞信息详情

Hibernate Validator 输入验证错误漏洞

  • CNNVD编号:CNNVD-202005-159
  • 危害等级: 中危
  • CVE编号: CVE-2020-10693
  • 漏洞类型: 输入验证错误
  • 发布时间: 2020-05-05
  • 威胁类型: 远程
  • 更新时间: 2022-07-07
  • 厂        商:
  • 漏洞来源: Red Hat

漏洞简介

Hibernate Validator是一款参数校验框架。

Hibernate Validator 6.1.2.Final版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。

漏洞公告

目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法:

https://hibernate.org/

参考网址

来源:MISC

链接:https://www.ibm.com/support/pages/node/6348216

来源:MLIST

链接:https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E

来源:MISC

链接:https://www.oracle.com/security-alerts/cpuapr2022.html

来源:MLIST

链接:https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E

来源:CONFIRM

链接:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3557/

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Hibernate-Validator-privilege-escalation-via-Message-Interpolation-Processor-33092

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3703/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4357/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-ibm-websphere-application-server-in-ibm-cloud-4/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159921/Red-Hat-Security-Advisory-2020-4960-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator-2/

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2020-10693

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-a-vulnerability-in-websphere-application-server-liberty-cve-2020-10693/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2837/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affects-ibm-voice-gateway/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/158916/Red-Hat-Security-Advisory-2020-3501-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3022/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159046/Red-Hat-Security-Advisory-2020-3539-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3686/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163798/Red-Hat-Security-Advisory-2021-3140-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3254/

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-10693

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3894/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-hibernate-validator-affects-liberty-for-java-for-ibm-cloud-cve-2020-10693/

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/47249

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3534/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159706/Red-Hat-Security-Advisory-2020-4344-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-novalink-is-impacted-by-vulnerability-in-hibernate-validator-affects-websphere-application-server-liberty-cve-2020-10693-2/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/158891/Red-Hat-Security-Advisory-2020-3463-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-a-security-vulnerability-cve-2020-10693/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-ibm-websphere-application-server-in-ibm-cloud-5/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159551/Red-Hat-Security-Advisory-2020-4252-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-hibernate-validator-affects-websphere-application-server-liberty-cve-2020-10693/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159276/Red-Hat-Security-Advisory-2020-3806-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-websphere-application-server-liberty-affects-ibm-z-development-and-test-environment-jan-2021/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-middleware-software-affect-ibm-cloud-pak-for-automation-4/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2731

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4403/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2826/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-websphere-hibernate-validator-vulnerability-affects-ibm-control-center-cve-2020-10693/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-vulnerability-in-websphere-application-server-liberty-cve-2020-10693/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159724/Red-Hat-Security-Advisory-2020-4366-01.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2022070611

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159083/Red-Hat-Security-Advisory-2020-3642-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3065/

受影响实体

    暂无


补丁

    暂无

漏洞信息快速查询

相关漏洞

更多