Lucene search

CVE-2024-36114 Decompressors can crash the JVM and leak memory content in Aircompressor

🗓️ 29 May 2024 20:53:24Reported by GitHub_MType

Aircompressor CVE-2024-36114 fix available for JVM crash and memory content leak

Reporter	Title	Published	Views	Family All 20
OSV	CVE-2024-36114	29 May 202421:15	–	osv
OSV	GHSA-973X-65J7-XCF4 Decompressors can crash the JVM and leak memory content in Aircompressor	2 Jun 202422:30	–	osv
OSV	CGA-J9VP-FHQV-X9MF	19 Jun 202407:36	–	osv
OSV	CGA-X3WJ-35RR-5P3W	6 Jun 202412:26	–	osv
IBM Security Bulletins	Security Bulletin: Vulnerability in Airlift aircompressor affects watsonx.data	5 Sep 202417:58	–	ibm
IBM Security Bulletins	Security Bulletin:IBM Asset Data Dictionary Component uses aircompressor-0.21.jar which is vulnerable to CVE-2024-36114	19 Sep 202415:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	12 Dec 202402:18	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.14 addresses multiple security vulnerabilities.	12 Mar 202514:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	3 Feb 202522:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities	27 Jan 202516:12	–	ibm

[
  {
    "vendor": "airlift",
    "product": "aircompressor",
    "versions": [
      {
        "version": "< 0.27",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/airlift/aircompressor/commit/2cea90a45534f9aacbb77426fb64e975504dee6e
github	www.github.com/airlift/aircompressor/commit/cf66151541edb062ea88b6f3baab3f95e48b7b7f
github	www.github.com/airlift/aircompressor/security/advisories/GHSA-973x-65j7-xcf4
github	www.github.com/airlift/aircompressor/commit/15e68df9eb0c2bfde7f796231ee7cd1982965071
github	www.github.com/airlift/aircompressor/commit/d01ecb779375a092d00e224abe7869cdf49ddc3e

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 May 2024 20:24Current

8.6High risk

Vulners AI Score8.6

CVSS38.6

EPSS0.00045