Bug 1620529 (CVE-2018-1000632) - CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-1000632
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1620535 1639569 1639570 1639572 1643126 1626282 1626283 1639571
Blocks: 1620537
Reported: 2018-08-23 06:48 UTC by Andrej Nemec
Modified: 2019-09-29 14:56 UTC

Fixed In Version: dom4j 2.0.3, dom4j 2.1.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-10 10:36:47 UTC
Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0362 None None None 2019-02-18 15:42:55 UTC
Red Hat Product Errata RHSA-2019:0364 None None None 2019-02-18 15:46:49 UTC
Red Hat Product Errata RHSA-2019:0365 None None None 2019-02-18 15:49:09 UTC
Red Hat Product Errata RHSA-2019:0380 None None None 2019-02-19 17:19:01 UTC
Red Hat Product Errata RHSA-2019:1159 None None None 2019-05-13 17:01:22 UTC
Red Hat Product Errata RHSA-2019:1160 None None None 2019-05-13 17:06:59 UTC
Red Hat Product Errata RHSA-2019:1161 None None None 2019-05-13 17:04:15 UTC
Red Hat Product Errata RHSA-2019:1162 None None None 2019-05-13 17:24:57 UTC

Description Andrej Nemec 2018-08-23 06:48:41 UTC
XML Injection vulnerability was found in dom4j in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appears to be exploitable via an attacker specifying attributes or elements in the XML document.

Upstream issue:

https://github.com/dom4j/dom4j/issues/48

Upstream patch:

https://github.com/dom4j/dom4j/commit/e598eb43d418744c4dbf62f647dd2381c9ce9387

References:

https://ihacktoprotect.com/post/dom4j-xml-injection/
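
As an added example (not code from this report or from dom4j itself), the check a caller can apply before passing externally supplied names to addElement/addAttribute on an unfixed dom4j: the class SafeNames and the helpers requireXmlName and buildUser are hypothetical, and the name pattern is a deliberately strict ASCII subset of the XML 1.0 Name production.

```java
import java.util.regex.Pattern;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;

public class SafeNames {
    // Strict ASCII subset of the XML 1.0 Name production (hypothetical choice for this example):
    // first char a letter, '_' or ':', then letters, digits, '_', ':', '.' or '-'.
    // Anything containing '<', '>', '/', '=', quotes or whitespace cannot match.
    private static final Pattern XML_NAME = Pattern.compile("[A-Za-z_:][A-Za-z0-9_:.\\-]*");

    // Hypothetical helper, not part of dom4j: reject any name that is not a bare XML name,
    // so an attacker-controlled name cannot close the tag and open new elements or attributes.
    static String requireXmlName(String name) {
        if (name == null || !XML_NAME.matcher(name).matches()) {
            throw new IllegalArgumentException("not a valid XML name: " + name);
        }
        return name;
    }

    // Builds <users><user role="..."/></users>; element and attribute names come from the caller.
    // Names are validated before they reach addElement/addAttribute; attribute *values* are
    // escaped by dom4j during serialisation, so only the names need this extra check.
    static Document buildUser(String elementName, String attrName, String attrValue) {
        Document doc = DocumentHelper.createDocument();
        Element root = doc.addElement("users");
        root.addElement(requireXmlName(elementName))
            .addAttribute(requireXmlName(attrName), attrValue);
        return doc;
    }

    public static void main(String[] args) {
        // Well-formed names pass through unchanged.
        System.out.println(buildUser("user", "role", "guest").asXML());
        // A name carrying markup (constructed test input) is rejected before dom4j sees it.
        try {
            buildUser("user/><admin", "role", "guest");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Upgrading to the fixed versions listed in this report (dom4j 2.0.3 / 2.1.1) moves equivalent name validation into the library itself; the caller-side check above is the mitigation for code that cannot upgrade yet.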

Comment 1 Andrej Nemec 2018-08-23 06:50:18 UTC
Created dom4j tracking bugs for this issue:

Affects: fedora-all [bug 1620535]

Comment 7 errata-xmlrpc 2019-02-18 15:42:52 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2019:0362 https://access.redhat.com/errata/RHSA-2019:0362

Comment 8 errata-xmlrpc 2019-02-18 15:46:46 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6

Via RHSA-2019:0364 https://access.redhat.com/errata/RHSA-2019:0364

Comment 9 errata-xmlrpc 2019-02-18 15:49:06 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7

Via RHSA-2019:0365 https://access.redhat.com/errata/RHSA-2019:0365

Comment 10 errata-xmlrpc 2019-02-19 17:18:58 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.2.6 zip

Via RHSA-2019:0380 https://access.redhat.com/errata/RHSA-2019:0380

Comment 11 errata-xmlrpc 2019-05-13 17:01:19 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5

Via RHSA-2019:1159 https://access.redhat.com/errata/RHSA-2019:1159

Comment 12 errata-xmlrpc 2019-05-13 17:04:11 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7

Via RHSA-2019:1161 https://access.redhat.com/errata/RHSA-2019:1161

Comment 13 errata-xmlrpc 2019-05-13 17:06:56 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2019:1160 https://access.redhat.com/errata/RHSA-2019:1160

Comment 14 errata-xmlrpc 2019-05-13 17:24:53 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2019:1162 https://access.redhat.com/errata/RHSA-2019:1162

Comment 15 Joshua Padman 2019-05-15 22:51:42 UTC
This vulnerability is out of security support scope for the following products:
 * Red Hat JBoss Operations Network 3
 * Red Hat JBoss Fuse 6
 * Red Hat JBoss Fuse Service Works 6
 * Red Hat JBoss SOA Platform 5
 * Red Hat JBoss BRMS 5
 * Red Hat JBoss BRMS 6
 * Red Hat JBoss BPM Suite 6

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
