Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21094 DESCRIPTION: **An unspecified vulnerability in Java SE related...
5.9CVSS
7.5AI Score
0.001EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
5.9CVSS
6.6AI Score
0.0004EPSS
Summary Socket.IO is used by IBM App Connect Enterprise Certified Container for real-time UI updates. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in...
7.3CVSS
6.5AI Score
0.0004EPSS
Summary IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected...
4.8CVSS
4.9AI Score
0.0004EPSS
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...
5.9CVSS
6.5AI Score
0.0004EPSS
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...
5.9CVSS
6.5AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7CVSS
7.7AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
4.7CVSS
6.1AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7.5CVSS
7.7AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
4.3CVSS
5.1AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
5.9CVSS
6.6AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7.5AI Score
0.0004EPSS
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID:...
4.3CVSS
5.1AI Score
0.0004EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4. A patched version of the package is...
5.5CVSS
7.2AI Score
0.467EPSS
CVE-2023-44487 affecting package golang for versions less than 1.21.6-1
CVE-2023-44487 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.732EPSS
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
5.5CVSS
6AI Score
0.001EPSS
CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1
CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...
5.9CVSS
6.8AI Score
0.963EPSS
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...
5.9CVSS
6.8AI Score
0.963EPSS
CVE-2023-45285 affecting package golang for versions less than 1.21.6-1
CVE-2023-45285 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38
CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38. A patched version of the package is...
5.3CVSS
5.8AI Score
0.001EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2
CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
8CVSS
9.9AI Score
0.0004EPSS
CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3CVSS
6.3AI Score
0.002EPSS
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
6.5CVSS
7.3AI Score
0.001EPSS
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.8CVSS
7.3AI Score
0.001EPSS
CVE-2023-29402 affecting package golang for versions less than 1.20.7-1
CVE-2023-29402 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2
CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...
7.5CVSS
8AI Score
0.003EPSS
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...
9.8CVSS
10AI Score
0.003EPSS
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15. No patch is available...
5.5CVSS
5.6AI Score
0.001EPSS
CVE-2023-39326 affecting package golang for versions less than 1.21.6-1
CVE-2023-39326 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
5.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-24536 affecting package golang for versions less than 1.21.6-1
CVE-2023-24536 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.005EPSS
CVE-2023-45284 affecting package golang for versions less than 1.21.6-1
CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
5.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-45287 affecting package golang for versions less than 1.21.6-1
CVE-2023-45287 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.001EPSS
CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3
CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is...
7.5CVSS
7.3AI Score
0.008EPSS
CVE-2023-7008 affecting package systemd for versions less than 123
CVE-2023-7008 affecting package systemd for versions less than 123. A patched version of the package is...
5.9CVSS
5.8AI Score
0.001EPSS
CVE-2024-24787 affecting package msft-golang for versions less than 1.22.3
CVE-2024-24787 affecting package msft-golang for versions less than 1.22.3. A patched version of the package is...
7.3AI Score
0.0004EPSS
CVE-2023-45283 affecting package golang for versions less than 1.21.6-1
CVE-2023-45283 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.001EPSS
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is...
9.8CVSS
9.6AI Score
0.0004EPSS
CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7
CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7. A patched version of the package is...
9.8CVSS
7.3AI Score
0.001EPSS
CVE-2024-0727 affecting package openssl for versions less than 1.1.1k-29
CVE-2024-0727 affecting package openssl for versions less than 1.1.1k-29. A patched version of the package is...
5.5CVSS
5.7AI Score
0.002EPSS
CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2
CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2. This CVE either no longer is or was never...
5.5CVSS
6AI Score
0.002EPSS
CVE-2020-28163 affecting package libdwarf for versions less than 0.9.0
CVE-2020-28163 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
6.5CVSS
6.6AI Score
0.001EPSS
CVE-2019-14249 affecting package libdwarf for versions less than 0.9.0
CVE-2019-14249 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
6.5CVSS
6.5AI Score
0.002EPSS