Download
| Alert*
|
oval:org.secpod.oval:def:203201
axis is installed oval:org.secpod.oval:def:115012 Apache AXIS is an implementation of the SOAP submission to W3C. From the draft W3C specification: SOAP is a lightweight protocol for exchange of information in a decentralized, distributed environment. It is an XML based protocol that consists of three parts: an envelope that defines a framework fo ... oval:org.secpod.oval:def:89049594 This update for axis fixes the following security issue: - CVE-2018-8032: Prevent cross-site scripting attack in the default servlet/services . oval:org.secpod.oval:def:1500070 Updated axis packages that fix one security issue are now available for RedHat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from th ... oval:org.secpod.oval:def:1500134 Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:202649 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. Apache Axis did not verify that the server hostname matched the domain name in the subject"s Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attac ... oval:org.secpod.oval:def:1500707 Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from t ... oval:org.secpod.oval:def:1500717 Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from t ... oval:org.secpod.oval:def:1600030 It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject"s Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate oval:org.secpod.oval:def:1600315 Apache Axis did not verify that the server hostname matched the domain name in the subject"s Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name oval:org.secpod.oval:def:501031 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. Apache Axis did not verify that the server hostname matched the domain name in the subject"s Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attac ... oval:org.secpod.oval:def:500971 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. Apache Axis did not verify that the server hostname matched the domain name in the subject"s Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attac ... oval:org.secpod.oval:def:89050818 This update for axis fixes the following issues: Security issue fixed: - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name . oval:org.secpod.oval:def:203425 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject"s Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server usi ... oval:org.secpod.oval:def:203424 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject"s Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server usi ... oval:org.secpod.oval:def:501379 Apache Axis is an implementation of SOAP . It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject"s Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server usin ... oval:org.secpod.oval:def:89050611 This update for axis fixes the following issues: Security issue fixed: - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name . oval:org.secpod.oval:def:89051642 This update for axis fixes the following issues: * CVE-2023-51441: Fixed SSRF when untrusted input is passed to the service admin HTTP API . oval:org.secpod.oval:def:89051647 This update for axis fixes the following issues: * CVE-2023-51441: Fixed SSRF when untrusted input is passed to the service admin HTTP API . oval:org.secpod.oval:def:3302463 Security update for axis |
