Vulnerability CVE-2020-25649

Vulnerability CVE-2020-25649

Published: 2020-12-03

Description:

Type:

(Information Exposure Through XML External Entity Reference)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
Redhat -> Virtualization
Redhat -> Enterprise linux
Redhat -> AMQ
Redhat -> Build of quarkus
Redhat -> Codeready studio
Redhat -> Descision manager
Redhat -> Integration camel k
Redhat -> Integration service registry
Redhat -> Jboss amq streaming
Redhat -> Jboss data grid
Redhat -> Jboss fuse
Redhat -> Openshift application runtimes
Redhat -> Openshift container platform
Redhat -> Process automation
Redhat -> Satellite
Redhat -> Single sign-on
Fasterxml -> Jackson-databind

https://bugzilla.redhat.com/show_bug.cgi?id=1887664

https://github.com/FasterXML/jackson-databind/issues/2589

https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E

https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E

https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E