
22 matches found

Tenable Nessus
added 2024/04/28 12:0 a.m. | 27 views

RHEL 8 : Release of OpenShift Serverless Client kn 1.30.1 (RHSA-2023:5479)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5479 advisory. Red Hat OpenShift Serverless Client kn 1.30.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.30.1. The kn CLI is delivered as an RPM...

8.1 CVSS | 7.7 AI score | 0.01215 EPSS
Exploits: 1 | References: 9

IBM Security Bulletins
added 2023/10/31 2:35 a.m. | 36 views

Security Bulletin: IBM Event Processing is vulnerable to a denial of service

Summary Operator of IBM Event Processing is vulnerable to an unauthorized endpoint access and possibly a denial of service. CVE-2023-4853 Vulnerability Details CVEID: CVE-2023-4853 DESCRIPTION: Quarkus could allow a remote attacker to bypass security restrictions, caused by improper sanitization ...

8.1 CVSS | 6.6 AI score | 0.01215 EPSS
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/10/31 2:34 a.m. | 24 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service

Summary Operator of IBM Event Endpoint Management is vulnerable to an unauthorized endpoint access and possibly a denial of service. CVE-2023-4853 Vulnerability Details CVEID: CVE-2023-4853 DESCRIPTION: Quarkus could allow a remote attacker to bypass security restrictions, caused by improper...

8.1 CVSS | 6.6 AI score | 0.01215 EPSS
Exploits: 1 | Affected Software: 1

RedHat Linux
added 2023/10/25 1:3 p.m. | 33 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security one-off update

A one-off update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which provides a detailed severity rating, is available for each vulnerability...

8.1 CVSS | 7.3 AI score | 0.01215 EPSS
Exploits: 1 | References: 2

RedHat Linux
added 2023/10/25 12:34 p.m. | 53 views

Important: Red Hat Security Advisory: Updated Kogito for Red Hat Process Automation Manager 7.13.4 SP1 Images

A Kogito update is now available for Red Hat Process Automation Manager, including images for Red Hat OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1 | References: 3

RedHat Linux
added 2023/10/05 3:27 p.m. | 34 views

Important: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.30.1 security update

Red Hat OpenShift Serverless 1.30.1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in t...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1 | References: 7

RedHat Linux
added 2023/10/05 3:24 p.m. | 30 views

Important: Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.30.0 SP1 security update

Release of OpenShift Serverless Operator 1.30.1 and OpenShift Serverless Logic 1.30.0 SP1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1 | References: 7

RedHat Linux
added 2023/10/04 4:3 p.m. | 37 views

Important: Red Hat Security Advisory: Red Hat Build of OptaPlanner 8.38.0 SP1

Red Hat build of OptaPlanner 8.38.0 for Quarkus 2.13.8 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scori...

8.1 CVSS | 7.3 AI score | 0.01215 EPSS
Exploits: 1 | References: 2

RedHat Linux
added 2023/09/21 7:7 p.m. | 50 views

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.2 release security update

Red Hat Integration Camel K 1.10.2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1 | References: 4

Circl
added 2023/09/20 2:30 p.m. | 6 views

CVE-2023-4853

| creationtimestamp | type | source |
|---|---|---|
| 2023-09-20 14:30:08+00:00 | seen | https://t.me/cibsecurity/70793... |

8.1 CVSS | 7.8 AI score | 0.01215 EPSS
Exploits: 1 | References: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 6 views

io.quarkiverse.renarde:quarkus-renarde (=3.0.4), io.quarkiverse.renarde:quarkus-renarde-backoffice (=3.0.4) +11 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-csrf-reactive (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-csrf-reactive MAVEN version =3.3.0, =3.3.0, =3.3.2 Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 5 views

io.quarkus:quarkus-csrf-reactive-deployment (>=2.13.0.CR1 <=2.16.10.Final) potentially affected by CVE-2023-4853 via io.quarkus:quarkus-csrf-reactive (>=2.13.0.CR1 <=2.16.10.Final)

io.quarkus:quarkus-csrf-reactive MAVEN version =2.13.0.CR1, =2.13.0.CR1, =2.16.10.Final Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 5 views

com.abavilla:fpi-bot-api (>=1.8.1 <=1.8.3), com.abavilla:fpi-bot-api-parent (>=1.8.1 <=1.8.3) +17 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-keycloak-authorization (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-keycloak-authorization MAVEN version =3.3.0, =1.8.1, =1.8.1, =1.8.6, =1.8.6, =1.9.0, =1.9.0, =1.10.1, =1.10.1, =1.0.29, =1.0.29, =1.6.1, =1.6.1, =1.5.1, =1.5.1, =1.3.8, =1.3.10 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 5 views

com.abavilla:fpi-bot-api (>=1.6.0 <=1.8.0), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.8.0) +18 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-keycloak-authorization (>=3.0.0.Alpha1 <=3.2.5.Final)

io.quarkus:quarkus-keycloak-authorization MAVEN version =3.0.0.Alpha1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.7 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 7 views

io.quarkiverse.renarde:quarkus-renarde (=3.0.3), io.quarkiverse.renarde:quarkus-renarde-backoffice (=3.0.3) +10 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-csrf-reactive (>=3.0.0.Alpha1 <=3.2.5.Final)

io.quarkus:quarkus-csrf-reactive MAVEN version =3.0.0.Alpha1, =3.0.0.Alpha1, =3.2.12.Final Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 5 views

com.github.mcollovati:quarkus-hilla (>=2.0.0 <=2.0.1), com.github.mcollovati:quarkus-hilla-deployment (>=2.0.0 <=2.0.1) +8 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-undertow (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-undertow MAVEN version =3.3.0, =2.0.0, =2.0.0, =3.3.0, =3.3.0, =3.3.0, =3.3.2 Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 9 views

com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.2.0), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.2.0) +72 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.2.5.Final)

io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =1.0.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.23.0, =0.24.5 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 5 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (=1.2.0), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (=1.2.0) +240 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-vertx-http (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-vertx-http MAVEN version =3.3.0, =0.0.10, =1.8.1, =1.8.1, =1.8.6, =1.8.6, =1.9.0, =1.9.0, =1.10.1, =1.10.1, =1.10.3 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

vulnersOsv
added 2023/09/20 12:30 p.m. | 21 views

com.abavilla:fpi-bot-api (>=1.0.2 <=1.5.0), com.abavilla:fpi-bot-api-core (>=1.0.2 <=1.3.1) +38 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-keycloak-authorization (>=0.27.0 <=2.16.10.Final)

io.quarkus:quarkus-keycloak-authorization MAVEN version =0.27.0, =1.0.2, =1.0.2, =1.0.2, =1.3.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.3.2, =1.0.22, =1.0.22, =1.0.22, =1.3.3, =1.7.1 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1 CVSS | 7.2 AI score | 0.01215 EPSS
Exploits: 1

CVE
added 2023/09/20 9:47 a.m. | 228 views

CVE-2023-4853

CVE-2023-4853 affects Quarkus, where HTTP security policy sanitization fails for certain character permutations in requests. The root cause is improper sanitization, allowing bypass of the security policy and potentially granting unauthorized access to endpoints and causing denial of service. The...

8.1 CVSS | 7.6 AI score | 0.01215 EPSS
Exploits: 1 | References: 12 | Affected Software: 1