Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...

CVE-2023-52071 affecting package tensorflow for versions less than 2.16.1-1

CVE-2023-52071 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-52071

creationtimestamp| type| source ---|---|--- 2024-01-30 08:31:58+00:00| seen| https://t.me/ctinow/175732 2024-02-21 23:21:44+00:00| seen| https://t.me/ctinow/190187...

CVE-2023-52071

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2023-52071

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2023-52071

...

CVE-2023-52071

Removed by vendor...

CVE-2023-52071

The CVE-2023-52071 entry is tied to curl/libcurl. The IBM bulletin notes a stack-based buffer overflow in tool_cb_wrt within libcurl, caused by improper bounds checking, which could let a remote attacker overflow a buffer and execute code or cause a denial of service. Affected IBM MaaS360 compone...