Software AG Quartz 2.1.6

CPE Details

Software AG Quartz 2.1.6
softwareag
quartz
2.1.6
2019-07-31
14h04 +00:00
2019-07-31
14h04 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:softwareag:quartz:2.1.6:*:*:*:*:*:*:*

Informations

Vendor

softwareag

Product

quartz

Version

2.1.6

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-39017 2023-07-27 22h00 +00:00 quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not plausible that untrusted user input would reach the code location where injection must occur.
9.8
Critique
CVE-2019-13990 2019-07-25 22h00 +00:00 initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
9.8
Critique