Lucene search
K

15 matches found

Chainguard
Chainguard
added 2026/04/10 2:13 a.m.9 views

CVE-2023-35887 vulnerabilities

Vulnerabilities for packages: hadoop-fips...

5CVSS6.6AI score0.01311EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/14 1:36 p.m.25 views

Security Bulletin: IBM B2B Sterling Integrator is affected by Apache MINA SSHD vulnerability to information disclosure (CVE-2023-35887)

Summary IBM B2B Sterling Integrator is affected by Apache MINA SSHD vulnerability to information disclosure. Vulnerability Details CVEID:CVE-2023-35887 DESCRIPTION: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers...

5CVSS5.9AI score0.01311EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/03/06 3:38 p.m.56 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7AI score0.93305EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2024/03/06 3:32 p.m.45 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

8.8CVSS7AI score0.93305EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/03/06 3:32 p.m.54 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

8.8CVSS7AI score0.93305EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2023/12/04 6:2 p.m.67 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7AI score0.99999EPSS
Exploits19References34
RedHat Linux
RedHat Linux
added 2023/12/04 6:2 p.m.63 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References33
RedHat Linux
RedHat Linux
added 2023/12/04 6:0 p.m.63 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7AI score0.99999EPSS
Exploits19References34
Tenable Nessus
Tenable Nessus
added 2023/12/04 12:0 a.m.54 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 (RHSA-2023:7639)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7639 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References43
vulnersOsv
vulnersOsv
added 2023/07/10 6:30 p.m.6 views

at.crea-doo.util.toughswitch:toughswitch (>=1.0.0 <=1.0.2), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=29.v7c3891a_434c3 <=57.v0756db_b_f6926) +1840 more potentially affected by CVE-2023-35887 via org.apache.sshd:sshd-core (>=1.0.0 <=2.18.0)

org.apache.sshd:sshd-core MAVEN version =1.0.0, =1.0.0, =29.v7c3891a434c3, =3.3.0, =1.1.0, =0.5.4, =0.8.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =1.1.0, =2.7.6, =2.8.0 and more Source cves: CVE-2023-35887 Source advisory: OSV:GHSA-MJMQ-GWGM-5QHM...

5CVSS6.6AI score0.01311EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/10 6:30 p.m.3 views

ch.admin.bit.jeap:jeap-archrepo-docgen (>=2.10.0 <=6.2.0), ch.admin.bit.jeap:jeap-archrepo-importer-messagetype (>=1.10.0 <=6.2.0) +505 more potentially affected by CVE-2023-35887 via org.apache.sshd:sshd-sftp (>=2.0.0 <=2.9.2)

org.apache.sshd:sshd-sftp MAVEN version =2.0.0, =2.10.0, =1.10.0, =1.10.0, =1.15.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =3.26.0, =3.26.0, =3.26.0, =3.26.0, =1.1.0, =1.1.1 - com.ailbb:alt =1.5 - com.amashchenko.maven.plugin:gitflow-maven-plugin =1.21.0 and more Source cves: CVE-2023-35887 Source...

5CVSS6.6AI score0.01311EPSS
Exploits0
NVD
NVD
added 2023/07/10 4:15 p.m.19 views

CVE-2023-35887

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the root...

5CVSS5.9AI score0.01311EPSS
Exploits0References1
CVE
CVE
added 2023/07/10 9:28 a.m.495 views

CVE-2023-35887

CVE-2023-35887 affects Apache MINA SSHD when using RootedFileSystem in SFTP servers. The root cause is path traversal outside the rooted tree via paths with '..' or symlinks, allowing logged-in users to discover existence/non-existence of items outside the rooted directory. Affected: Apache MINA ...

5CVSS5.6AI score0.01311EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/07/10 9:28 a.m.37 views

CVE-2023-35887 Apache MINA SSHD: Information disclosure bugs with RootedFilesystem

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the root...

5CVSS6.6AI score0.01311EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/07/10 9:28 a.m.17 views

CVE-2023-35887

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the root...

5CVSS5.8AI score0.01311EPSS
Exploits0
Rows per page
Query Builder