Article Number: 000187283
High
Third-party Component | CVE(s) | More information |
json-sanitizer | CVE-2021-23899 CVE-2021-23900 |
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents. OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations |
OpenSSL | CVE-2020-1971 | |
SuSE | CVE-2020-28374 CVE-2020-36158 CVE-2020-27825 CVE-2020-0466 CVE-2020-27068 CVE-2020-0465 CVE-2020-0444 CVE-2020-29660 CVE-2020-29661 CVE-2020-27777 CVE-2019-20934 CVE-2020-27786 CVE-2020-4788 CVE-2018-20669 |
|
Open JDK JRE | CVE-2020-14803 (JDK-8247619) |
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013337.html |
Third-party Component | CVE(s) | More information |
json-sanitizer | CVE-2021-23899 CVE-2021-23900 |
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents. OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations |
OpenSSL | CVE-2020-1971 | |
SuSE | CVE-2020-28374 CVE-2020-36158 CVE-2020-27825 CVE-2020-0466 CVE-2020-27068 CVE-2020-0465 CVE-2020-0444 CVE-2020-29660 CVE-2020-29661 CVE-2020-27777 CVE-2019-20934 CVE-2020-27786 CVE-2020-4788 CVE-2018-20669 |
|
Open JDK JRE | CVE-2020-14803 (JDK-8247619) |
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013337.html |
Product | Affected Version(s) | Updated Version(s) | Link to Update | |
Dell Power Protect Data Manager | 19.7 and earlier | 19.8 | ||
Product | Affected Version(s) | Updated Version(s) | Link to Update | |
Dell Power Protect Data Manager | 19.7 and earlier | 19.8 | ||
None
Revision | Date | Description |
1.0 | 2021-05-24 | Initial Release |
PowerProtect Data Manager, Product Security Information
24 May 2021
Dell Security Advisory