Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.7 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:4915)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4915 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.1AI score0.02772EPSS
Exploits5References23
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.4 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.11 (RHSA-2025:22773)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22773 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release ...

7.5CVSS7.1AI score0.01256EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.4 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.1.2 Security update (Moderate) (RHSA-2025:22188)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22188 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Ha...

6.8CVSS6.9AI score0.0104EPSS
Exploits1References35
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.4 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.1.2 (RHSA-2025:22187)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22187 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Ha...

6.8CVSS6.9AI score0.0104EPSS
Exploits1References35
RedHat Linux
RedHat Linux
added 2025/11/26 4:59 p.m.6 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

6.8CVSS6.9AI score0.0104EPSS
Exploits1References32
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/11 1:30 p.m.7 views

Security Bulletin: Due to the use of Eclipse JGit, IBM webMethods Integration is affected by denial of service, and other security issues.

Summary Eclipse JGit is used by IBM webMethods Integration in repository function CVE-2025-4949 Vulnerability Details CVEID:CVE-2025-4949 DESCRIPTION: In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implemen...

6.8CVSS6.4AI score0.0104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/18 10:33 a.m.7 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java and Node.js (CVE-2025-48924, CVE-2025-4949)

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

6.8CVSS7.4AI score0.02164EPSS
Exploits1Affected Software1
OSV
OSV
added 2025/08/12 12:45 p.m.2 views

SUSE-SU-2025:02762-1 Security update for eclipse-jgit

This update for eclipse-jgit fixes the following issues: - CVE-2025-4949: Fixed the XXE vulnerability in ManifestParser and AmazonS3 class bsc1243647...

6.8CVSS7.1AI score0.0104EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/07/05 12:0 a.m.5 views

jgit-5.11.0-2.1 on GA media (moderate)

jgit-5.11.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15232-1 Rating: moderate Cross-References: CVE-2023-4759 CVE-2025-4949 CVSS scores: CVE-2023-4759 SUSE : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2025-4949 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N Affected...

7.5CVSS7.5AI score0.01884EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/05/26 11:49 a.m.6 views

SUSE CVE-2025-4949

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity XXE...

4.8CVSS7.1AI score0.0104EPSS
Exploits1References4
Chainguard
Chainguard
added 2025/05/23 1:16 p.m.33 views

CVE-2025-4949 vulnerabilities

Vulnerabilities for packages: gradle, nextflow, apache-nifi-registry, wildfly, sonarqube-10, apicurio-registry, thingsboard...

6.8CVSS6.7AI score0.0104EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/21 9:31 p.m.7 views

ai.pipestream:quarkus-grpc-gatherer-deployment (>=0.1.0 <=0.1.1), ch.admin.bit.jeap:jeap-archrepo-importer-messagetype (>=1.10.0 <=1.23.0) +182 more potentially affected by CVE-2025-4949 via org.eclipse.jgit:org.eclipse.jgit (=7.1.0.202411261347-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =7.1.0.202411261347-r is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.jgit:org.eclipse.jgit and may be impacted: - ai.pipestream:quarkus-grpc-gatherer-deployment =0.1.0, =1.10.0, =1.10.0,...

6.8CVSS6.9AI score0.0104EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/21 9:31 p.m.8 views

at.molindo:git-commit-id-plugin (=2.1.10-alpha-1), at.nonblocking:nonsnapshot-maven-plugin (=3.0.1) +4321 more potentially affected by CVE-2025-4949 via org.eclipse.jgit:org.eclipse.jgit (>=1.2.0.201112221803-r <=5.13.3.202401111512-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =1.2.0.201112221803-r, =2.0.0, =2.0.4, =0.1.1, =0.1.1, =2.0.0, =0.0.1, =0.2.8, =1.5.6 - br.com.sabium.gradle-bump:br.com.sabium.gradle-bump.gradle.plugin =1.0.1 and more Source cves: CVE-2025-4949 Source advisory: OSV:GHSA-VRPQ-QP53-QV56...

6.8CVSS6.9AI score0.0104EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/21 9:31 p.m.11 views

au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), ch.admin.bit.jeap:jeap-initializer (>=2.6.0 <=4.1.0) +224 more potentially affected by CVE-2025-4949 via org.eclipse.jgit:org.eclipse.jgit (=7.0.0.202409031743-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =7.0.0.202409031743-r is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.jgit:org.eclipse.jgit and may be impacted: - au.com.versent.jenkins.plugins:ignore-committer-strategy =37.v0d3157c4aef8,...

6.8CVSS6.9AI score0.0104EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/21 9:16 a.m.14 views

CVE-2025-4949

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues via parsing XML files...

4.8CVSS6.7AI score0.0104EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/05/21 6:47 a.m.18 views

CVE-2025-4949 XXE vulnerability in Eclipse JGit

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity XXE...

6.8CVSS0.0104EPSS
Exploits1References7
CVE
CVE
added 2025/05/21 6:47 a.m.265 views

CVE-2025-4949

CVE-2025-4949 is an XXE vulnerability in Eclipse JGit (ManifestParser used by repo and AmazonS3 transport). IBM documentation links this CVE to IBM WebMethods Integration (on prem) 11.1 with fixes in 11.1 Fix 2 and related 2.0.3 components; IBM security pages list a remediation path via updating ...

6.8CVSS5.3AI score0.0104EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder