A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Project Subscriptions
| Vendors | Products |
|---|---|
| Netapp | |
| Oracle | Access Manager, Agile Engineering Data Management, Agile Plm, Agile Product Lifecycle Analytics, Agile Product Lifecycle Management Integration Pack, Airlines Data Model, Application Express, Application Performance Management, Application Testing Suite, Argus Analytics, Argus Insight, Argus Safety, Banking Apis, Banking Deposits And Lines Of Credit Servicing, Banking Digital Experience, Banking Enterprise Default Management, Banking Enterprise Default Managment, Banking Loans Servicing, Banking Party Management, Banking Platform, Bi Publisher, Big Data Spatial And Graph, Business Activity Monitoring, Business Intelligence, Business Process Management Suite, Clinical, Commerce Guided Search, Commerce Platform, Communications Application Session Controller, Communications Billing And Revenue Management, Communications Billing And Revenue Management Elastic Charging Engine, Communications Calendar Server, Communications Cloud Native Core Automated Test Suite, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Console, Communications Cloud Native Core Network Function Cloud Native Environment, Communications Cloud Native Core Network Repository Function, Communications Cloud Native Core Policy, Communications Cloud Native Core Security Edge Protection Proxy, Communications Cloud Native Core Service Communication Proxy, Communications Cloud Native Core Unified Data Repository, Communications Contacts Server, Communications Converged Application Server - Service Controller, Communications Convergence, Communications Convergent Charging Controller, Communications Data Model, Communications Design Studio, Communications Diameter Signaling Route, Communications Eagle Application Processor, Communications Instant Messaging Server, Communications Interactive Session Recorder, Communications Messaging Server, Communications Metasolv Solution, Communications Network Charging And Control, Communications Network Integrity, Communications Offline Mediation Controller, Communications Operations Monitor, Communications Pricing Design Center, Communications Service Broker, Communications Services Gatekeeper, Communications Session Border Controller, Communications Unified Inventory Management, Communications Webrtc Session Controller, Data Integrator, Database Server, Demantra Demand Management, Documaker, E-business Suite, Enterprise Communications Broker, Enterprise Data Quality, Enterprise Manager Base Platform, Enterprise Manager Ops Center, Enterprise Session Border Controller, Essbase, Essbase Administration Services, Financial Services Analytical Applications Infrastructure, Financial Services Behavior Detection Platform, Financial Services Enterprise Case Management, Financial Services Foreign Account Tax Compliance Act Management, Financial Services Model Management And Governance, Financial Services Trade-based Anti Money Laundering, Flexcube Investor Servicing, Flexcube Private Banking, Fujitsu M10-1, Fujitsu M10-1 Firmware, Fujitsu M10-4, Fujitsu M10-4 Firmware, Fujitsu M10-4s, Fujitsu M10-4s Firmware, Fujitsu M12-1, Fujitsu M12-1 Firmware, Fujitsu M12-2, Fujitsu M12-2 Firmware, Fujitsu M12-2s, Fujitsu M12-2s Firmware, Fusion Middleware, Fusion Middleware Mapviewer, Goldengate, Goldengate Application Adapters, Graalvm, Graph Server And Client, Health Sciences Clinical Development Analytics, Health Sciences Inform Crf Submit, Health Sciences Information Manager, Healthcare Data Repository, Healthcare Foundation, Healthcare Translational Research, Hospitality Cruise Shipboard Property Management System, Hospitality Opera 5 Property Services, Hospitality Reporting And Analytics, Hospitality Suite8, Http Server, Hyperion Financial Management, Hyperion Ilearning, Hyperion Infrastructure Technology, Instantis Enterprisetrack, Insurance Data Gateway, Insurance Insbridge Rating And Underwriting, Insurance Policy Administration, Insurance Policy Administration J2ee, Insurance Rules Palette, Java Se, Jd Edwards Enterpriseone Orchestrator, Jdk, Managed File Transfer, Mysql Cluster, Mysql Connectors, Mysql Server, Mysql Workbench, Nosql Database, Oss Support Tools, Peoplesoft Enterprise Cs Sa Integration Pack, Peoplesoft Enterprise People Tools, Peoplesoft Enterprise Peopletools, Policy Automation, Primavera Analytics, Primavera Data Warehouse, Primavera Gateway, Primavera P6 Enterprise Project Portfolio Management, Primavera P6 Professional Project Management, Primavera Portfolio Management, Primavera Unifier, Rapid Planning, Real-time Decision Server, Real User Experience Insight, Rest Data Services, Retail Allocation, Retail Analytics, Retail Assortment Planning, Retail Back Office, Retail Central Office, Retail Customer Insights, Retail Customer Management And Segmentation Foundation, Retail Eftlink, Retail Extract Transform And Load, Retail Financial Integration, Retail Fiscal Management, Retail Integration Bus, Retail Invoice Matching, Retail Merchandising System, Retail Order Broker, Retail Order Management System, Retail Point-of-sale, Retail Predictive Application Server, Retail Price Management, Retail Returns Management, Retail Service Backbone, Retail Size Profile Optimization, Retail Xstore Point Of Service, Sd-wan Aware, Sd-wan Edge, Secure Backup, Siebel Applications, Solaris, Spatial Studio, Thesaurus Management System, Timesten In-memory Database, Utilities Framework, Utilities Testing Accelerator, Vm Virtualbox, Webcenter Portal, Weblogic Server, Zfs Storage Appliance Kit, Zfs Storage Application Integration Engineering Software |
| Redhat | Enterprise Linux, Fuse, Hibernate Validator, Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Fuse, Jboss Single Sign On, Openshift Application Runtimes, Satellite, Satellite Capsule, Single Sign-on |
Advisories
| Source | ID | Title |
|---|---|---|
| EUVD | EUVD-2020-0269 | The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks |
| Github GHSA | GHSA-m8p2-495h-ccmh | The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | epss | epss |
Mon, 07 Jul 2025 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References | | |
Wed, 02 Jul 2025 12:30:00 +0000
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-07-07T13:55:51.360Z
Reserved: 2019-03-27T00:00:00.000Z
Link: CVE-2019-10219
No data.
Status : Modified
Published: 2019-11-08T15:15:11.157
Modified: 2025-07-07T14:15:21.437
Link: CVE-2019-10219
OpenCVE Enrichment
No data.
Weaknesses