9 matches found
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +541 more potentially affected by CVE-2025-67721 via io.airlift:aircompressor (=2.0.2)
io.airlift:aircompressor MAVEN version =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on io.airlift:aircompressor and may be impacted: - ai.catboost:catboost-spark4.02.13 =1.2.10 - ai.catboost:catboost-spark4.12.13 =1.2.10 - ai.h2o:h2o-orc-parser...
io.airlift:http-server (=324), io.airlift:jmx-http (=324) +5 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-server (>=12.1.0.alpha0 <=12.1.0.beta2)
org.eclipse.jetty.http2:jetty-http2-server MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-12047652...
io.airlift:discovery (=324), io.airlift:http-client (=324) +13 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-common (>=12.1.0.alpha0 <=12.1.0.beta2)
org.eclipse.jetty.http2:jetty-http2-common MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: OSV:GHSA-MMXM-8W33-WC4H...
io.airlift:discovery (=324), io.airlift:http-client (=324) +13 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-common (>=12.1.0.alpha0 <=12.1.0.beta2)
org.eclipse.jetty.http2:jetty-http2-common MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-12047664...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges within the vulnerable components. The most serious vulnerability is in CycleCloud and has been assigned attribute CVE-2024-43602. CycleClou...
Airlift.microsoft.com Elevation of Privilege Vulnerability
Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network...
Microsoft airlift.microsoft.com 安全漏洞
Microsoft airlift.microsoft.com is a technical training and product feedback Web site of Microsoft Corporation USA. A security vulnerability exists in Microsoft airlift.microsoft.com. An attacker could exploit the vulnerability to elevate privileges. No information about this vulnerability is...
PT-2024-33326 · Airlift · Airlift
Name of the Vulnerable Software and Affected Versions: Airlift affected versions not specified Description: The issue allows an authorized attacker to elevate privileges over a network by exploiting an authentication bypass vulnerability based on assumed-immutable data. Recommendations: At the...
Security Bulletin: Vulnerability in Airlift aircompressor affects watsonx.data
Summary Airlift aircompressor could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read/write flaw in the decompressor implementations. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-36114 DESCRIPTION: airlift aircompressor could allow a loc...