CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-5529

MEDIUM
4.1
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile17.26th
Published2017年6月29日
Last Modified2026年5月13日

Vulnerability Description

JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition (versions 6.4.0 and below), TIBCO JasperReports Library for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO JasperReports Professional (versions 6.2.1 and below, and 6.3.0), TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.3.0 and below), TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.3.0 and below), and TIBCO Jaspersoft Studio for ActiveMatrix BPM (versions 6.2.0 and below).

Affected Platforms (CPE)

📦
Tibco

Jasperreports Library Community Edition

<= 6.4.0
📦
Tibco

Jasperreports Library For Activematrix Bpm

<= 6.2.0
📦
Tibco

Jasperreports Professional

<= 6.2.1
📦
Tibco

Jasperreports Professional

= 6.3.0
📦
Tibco

Jasperreports Server

<= 6.1.1
📦
Tibco

Jasperreports Server

= 6.2.0
📦
Tibco

Jasperreports Server

= 6.2.1
📦
Tibco

Jasperreports Server

= 6.3.0
📦
Tibco

Jasperreports Server Community Edition

<= 6.3.0
📦
Tibco

Jasperreports Server For Activematrix Bpm

<= 6.2.0
📦
Tibco

Jaspersoft For Aws With Multi Tenancy

<= 6.3.0
📦
Tibco

Jaspersoft Reporting And Analytics For Aws

<= 6.3.0
📦
Tibco

Jaspersoft Studio For Activematrix Bpm

<= 6.2.0

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
🔗 https://www.oracle.com/security-alerts/cpuapr2020.html
🔗 https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0
🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
🔗 https://www.oracle.com/security-alerts/cpuapr2020.html
🔗 https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0

相关漏洞威胁

CVE-2018-54298.8

A vulnerability in the report scripting component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server ...

CVE-2018-188096.5

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edit...

CVE-2017-55325.4

A vulnerability in the report renderer component of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBC...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...