42 matches found
Security Bulletin: Multiple vulnerabilities in eclipse jetty may affect IBM Business Automation Workflow Case Configuration tool
Summary IBM Business Automation Workflow Case configuration tool packages vulnerable versions of the eclipse jetty open source library. Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a fl...
Linux Distros Unpatched Vulnerability : CVE-2023-26048
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support e.g. annotated with @MultipartConfig that call...
Security Bulletin: Vulnerabilities in Eclipse Jetty affect watsonx.data
Summary Eclipse Jetty is vulnerable to a denial of service attack and to disclosure of sensitive data attack. These affect watsonx.data. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the...
OESA-2024-2300 jetty security update
%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...
OESA-2024-2298 jetty security update
%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...
OESA-2024-2299 jetty security update
%global desc \ Jetty is a 100% Java HTTP Server and Servlet Container. This means that you\ do not need to configure and run a separate web server like Apache in order\ to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully\ featured web server for static and dynamic content...
Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release
JBoss EAP XP 4.0.2.GA security release on the EAP 7.4.14 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Security Bulletin: A vulnerability has been identified in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2023-26048)
Summary There is a potential vulnerability in Eclipse Jetty that is used by Apache Solr and Apache ZooKeeper. This has been addressed Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the...
Security Bulletin: IBM Sterling B2B Integrator affected by vulnerabilities due to Eclipse Jetty (CVE-2023-26048, CVE-2023-26049)
Summary IBM Sterling B2B Integrator uses Eclipse Jetty. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or HttpServletRequest.getParts function. By sending a speciall...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update
A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 7
New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 8
New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image enhancement update
A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
RHEL 7 : Red Hat Single Sign-On 7.6.7 security update on RHEL 7 (Important) (RHSA-2024:0798)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0798 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 8 : Red Hat Single Sign-On 7.6.7 security update on RHEL 8 (Important) (RHSA-2024:0799)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0799 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 (RHSA-2023:7639)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7639 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Security Bulletin: Rational Performance Tester contains vulnerabilities which could affect Eclipse Jetty.
Summary Due to the use of Eclipse Jetty, Rational Performance Tester contains a vulnerability around nonstandard cookie parsing that could allow access to sensitive information, and a vulnerability that could lead to a potential denial of service attack. Vulnerability Details CVEID: CVE-2023-2604...