Lucene search
K

42 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/29 3:54 p.m.25 views

Security Bulletin: Multiple vulnerabilities in eclipse jetty may affect IBM Business Automation Workflow Case Configuration tool

Summary IBM Business Automation Workflow Case configuration tool packages vulnerable versions of the eclipse jetty open source library. Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a fl...

9.8CVSS6.9AI score0.7848EPSS
Exploits2Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-26048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support e.g. annotated with @MultipartConfig that call...

5.3CVSS6.9AI score0.0326EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 6:16 a.m.23 views

Security Bulletin: Vulnerabilities in Eclipse Jetty affect watsonx.data

Summary Eclipse Jetty is vulnerable to a denial of service attack and to disclosure of sensitive data attack. These affect watsonx.data. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the...

5.3CVSS8.8AI score0.0326EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/10/25 11:9 a.m.3 views

OESA-2024-2300 jetty security update

%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...

5.3CVSS6.8AI score0.0326EPSS
Exploits1References4
OSV
OSV
added 2024/10/25 11:9 a.m.3 views

OESA-2024-2298 jetty security update

%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...

5.3CVSS6.8AI score0.0326EPSS
Exploits1References4
OSV
OSV
added 2024/10/25 11:9 a.m.5 views

OESA-2024-2299 jetty security update

%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...

5.3CVSS6.8AI score0.0326EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/05/28 11:19 a.m.101 views

Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release

JBoss EAP XP 4.0.2.GA security release on the EAP 7.4.14 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.7AI score0.0326EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 5:46 p.m.32 views

Security Bulletin: A vulnerability has been identified in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2023-26048)

Summary There is a potential vulnerability in Eclipse Jetty that is used by Apache Solr and Apache ZooKeeper. This has been addressed Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the...

5.3CVSS5.5AI score0.0326EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/22 4:24 p.m.33 views

Security Bulletin: IBM Sterling B2B Integrator affected by vulnerabilities due to Eclipse Jetty (CVE-2023-26048, CVE-2023-26049)

Summary IBM Sterling B2B Integrator uses Eclipse Jetty. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or HttpServletRequest.getParts function. By sending a speciall...

5.3CVSS5.8AI score0.0326EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/02/13 5:7 p.m.40 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update

A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.1CVSS6.7AI score0.0326EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.49 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 7

New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.1CVSS6.8AI score0.0326EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.36 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 8

New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.1CVSS6.8AI score0.0326EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/02/13 4:54 p.m.44 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image enhancement update

A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.1CVSS6.7AI score0.0326EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.54 views

RHEL 7 : Red Hat Single Sign-On 7.6.7 security update on RHEL 7 (Important) (RHSA-2024:0798)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0798 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.1CVSS7.2AI score0.0326EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.45 views

RHEL 8 : Red Hat Single Sign-On 7.6.7 security update on RHEL 8 (Important) (RHSA-2024:0799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0799 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.1CVSS7.2AI score0.0326EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2023/12/04 6:2 p.m.67 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7AI score0.99999EPSS
Exploits19References34
RedHat Linux
RedHat Linux
added 2023/12/04 6:2 p.m.60 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References33
RedHat Linux
RedHat Linux
added 2023/12/04 6:0 p.m.61 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7AI score0.99999EPSS
Exploits19References34
Tenable Nessus
Tenable Nessus
added 2023/12/04 12:0 a.m.54 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 (RHSA-2023:7639)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7639 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References43
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/27 6:9 p.m.39 views

Security Bulletin: Rational Performance Tester contains vulnerabilities which could affect Eclipse Jetty.

Summary Due to the use of Eclipse Jetty, Rational Performance Tester contains a vulnerability around nonstandard cookie parsing that could allow access to sensitive information, and a vulnerability that could lead to a potential denial of service attack. Vulnerability Details CVEID: CVE-2023-2604...

5.3CVSS6AI score0.0326EPSS
Exploits0Affected Software1
Rows per page
Query Builder