DEBIAN-CVE-2019-10219

DEBIAN-CVE-2019-10219 PUBLISHED CVSS 6.099999904632568 MEDIUM

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:13	libhibernate-validator-java	5.3.6-3, 0, 5.3.6-3
Debian:12	libhibernate-validator-java	5.3.6-3, 5.3.6-2, 0
Debian:11	libhibernate-validator-java	5.3.6-3, 5.3.6-1, 5.3.6-2
Debian:14	libhibernate-validator-java	0, 5.3.6-3, 0

Exploit Intelligence

shoucheng3/hibernate__hibernate-validator_CVE-2019-10219_6_0_18_Final_fixed (github-poc)
shoucheng3/hibernate__hibernate-validator_CVE-2019-10219_6-0-17-Final (github-poc)
druid-612f0710.json (github-poc)

Timeline

Nov 8, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-10219 advisory

Open in Interactive Console →