BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[SECURITY] [DSA 3858-1] openjdk-7 security update

May 22, 2017 - 4:19am

Posted by Moritz Muehlenhoff on May 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3858-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
May 19, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-7
CVE ID : CVE-2017-3509 CVE-2017-3511...

[SECURITY] CVE-2017-5657: Apache Archiva CSRF vulnerability for REST endpoints

May 22, 2017 - 4:05am

Posted by Martin on May 22

CVE-2017-5657: Apache Archiva CSRF vulnerabilities for various REST endpoints

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Archiva 2.0.0 - 2.2.1
The unsupported versions 1.x are also affected.

Several REST service endpoints of Apache Archiva are not protected against
Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same
browser as the Archiva site may send HTML response...