Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 package_evr_string: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to an error in the deserialization of a server-side exception serialized in the faultCause attribute of XMLRPC error response messages. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial-of-service condition CVE-STATUS: The vulnerability has been resolved. CVE-REV: To close the vulnerability, run the command: yum update…Read More