89 matches found
Moderate: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update
An update for Logging Subsystem 5.6.0 is now available for Red Hat OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update
Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to FasterXML jackson-databind (CVE-2022-42003)
Summary IBM Sterling Connect:Direct Web Services is vulnerable to FasterXML jackson-databind Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the...
Important: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.4 security update
An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...
Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2022-42003)
Summary IBM Sterling Connect:Direct for UNIX object store service and File Agent component are vulnerable to denial of service due to FasterXML jackson-databind. FasterXML jackson-databind has been upgraded to version 2.14.0 in IBM Sterling Connect:Direct for UNIX object store service and File...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Security Bulletin: IBM Tivoli Netcool/OMNIbus Probe and Integrations Library are affected by vulnerabilities in FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003)
Summary FasterXML jackson-databind is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Probe for Microsoft Exchange Web Services. The latest patches include FasterXML jackson-databind 2.13.4.2 that fixes the vulnerabilities. CVE-2022-42004, CVE-2022-42003...
Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty, FasterXML jackson-databind, and Zlib affect IBM Spectrum Protect for Space Management Client (CVE-2022-34165, CVE-2022-42003, CVE-2022-42004, CVE-2018-25032)
Summary IBM Spectrum Protect for Space Management Client can be affected by vulnerabilities in IBM WebSphere Application Server Liberty, FasterXML jackson-databind, and Zlib. Vulnerabilities include HTTP header injection and denial of service, as described by the CVEs in the "Vulnerability Detail...
Moderate: Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update
Openshift Logging Bug Fix Release 5.3.14 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update
Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to FasterXML jackson-databind denial of service (CVE-2022-42003)
Summary Potential vulnerabilities in FasterXML jackson-databind which is caused by a lack of a check in the primitive value deserializers when the UNWRAPSINGLEVALUEARRAYS feature is enabled CVE-2022-42003 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer t...
Debian: Security Advisory (DLA-3207-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3207-1] jackson-databind security update
Debian LTS Advisory DLA-3207-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 27, 2022 https://wiki.debian.org/LTS Package : jackson-databind Version : 2.9.8-3+deb10u4 CVE ID : CVE-2020-36518 CVE-2022-42003 CVE-2022-42004 Debian Bug : 1007109 Several fla...
Debian dla-3207 : libjackson2-databind-java - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3207 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3207-1 [email protected]...
Debian: Security Advisory (DSA-5283-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5283-1 : jackson-databind - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5283 advisory. - jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. CVE-2020-36518 - In FasterXML...
[SECURITY] [DSA 5283-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5283-1 [email protected] https://www.debian.org/security/ Markus Koschany November 17, 2022 https://www.debian.org/security/faq -...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.4.8 - Red Hat OpenShift security update
An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
SUSE: Security Advisory (SUSE-SU-2022:3995-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : jackson-databind (SUSE-SU-2022:3995-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3995-1 advisory. Update to version 2.13.4.2: - CVE-2022-42003: Fixed missing check in primitive value deserialize...