[USN-4575-1] dom4j vulnerability
avital.ostromich at canonical.com
Wed Oct 14 00:58:53 UTC 2020
Ubuntu Security Notice USN-4575-1
October 13, 2020
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
dom4j could be made to expose sensitive information or run programs if it
received specially crafted input.
- dom4j: Flexible XML framework for Java
It was discovered that dom4j incorrectly handled reading XML data. A
remote attacker could exploit this with a crafted XML file to expose
sensitive data or possibly execute arbitrary code. (CVE-2020-10683)
The problem can be corrected by updating your system to the following
Ubuntu 16.04 LTS:
In general, a standard system update will make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the ubuntu-security-announce