Computer vulnerabilities of SAS SAS/GRAPH

Apache Ant: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of Apache Ant...
6344075, cpujul2020, cpuoct2020, CVE-2020-1945, FEDORA-2020-52741b0a49, FEDORA-2020-7f07da3fef, openSUSE-SU-2020:1022-1, USN-4380-1, VIGILANCE-VUL-32379

XStream API: code execution via Deserialization
An attacker can use a vulnerability via Deserialization of XStream API, in order to run code...
1109925, CERTFR-2019-AVI-586, cpuoct2020, CVE-2019-10173, RHSA-2020:0445-01, VIGILANCE-VUL-30921

jackson-databind: file reading via Polymorphic Typing JSON Message
A local attacker can read a file via Polymorphic Typing JSON Message of jackson-databind, in order to obtain sensitive information...
CVE-2019-12814, DLA-1831-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29605

jackson-databind: file reading via Polymorphic Typing JSON Message
A local attacker can read a file via Polymorphic Typing JSON Message of jackson-databind, in order to obtain sensitive information...
CVE-2019-12384, DLA-1831-1, DSA-4542-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, NTAP-20190703-0002, RHSA-2019:1820-01, RHSA-2019:2720-01, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, VIGILANCE-VUL-29604

c3p0: denial of service via the XML configuration
An attacker can trigger a fatal error via the processing of the XML configuration of c3p0, in order to trigger a denial of service...
5048, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-5427, FEDORA-2019-063672154a, FEDORA-2019-cb14e234fc, VIGILANCE-VUL-29428

jackson-databind: file reading
An attacker can read a file from a client using jackson-databind, in order to obtain sensitive information...
5048, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-12086, DLA-1798-1, DSA-4452-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29375

jackson-databind: information disclosure via Default Typing
An attacker can bypass access restrictions to data via Default Typing of jackson-databind, in order to obtain sensitive information...
cpujan2019, cpujul2019, CVE-2018-11307, DLA-1703-1, DSA-4452-1, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28642

jackson-databind: code execution via Oracle JDBC Driver Deserialization
An attacker can use a vulnerability via Oracle JDBC Driver Deserialization of jackson-databind, in order to run code...
5048, cpujan2019, cpujul2019, CVE-2018-12023, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28553

jackson-datatype-jsr310: denial of service via Input Validation
An attacker can trigger a fatal error via Input Validation of jackson-datatype-jsr310, in order to trigger a denial of service...
cpuoct2019, CVE-2018-1000873, FEDORA-2019-df57551f6d, VIGILANCE-VUL-28552

jackson-databind: code execution via blaze-ds-opt
An attacker can use a vulnerability via blaze-ds-opt of jackson-databind, in order to run code...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14719, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28549

Our database contains other pages. You can request a free trial to read them.