ROOT-APP-MAVEN-CVE-2023-2976 CVE-2023-2976 in io.root.com.google.guava:guava - Patched by Root

Root has patched CVE-2023-2976 in the io.root.com.google.guava:guava package for Root:Maven. Multiple fixed versions available...

Security Bulletin: IBM webMethods Integration Server is affected by vulnerable Google Guava 30.0 jar used in the GraphQL functionality

Summary Google Guava is used by IBM webMethods Integration Server as part of the GraphQL functionality. CVE-2023-2976, CVE-2020-8908. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versio...

Security Bulletin: Multiple Security Vulnerabilities in Google Guava Affects IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities from Google Guava Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and...

Linux Distros Unpatched Vulnerability : CVE-2023-2976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream...

Security Bulletin: IBM Maximo Application Suite -Iot Component uses multiple third party jars which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite -Iot Component uses commons-codec-1.9.jar,classgraph-4.8.78.jar,guava-19.0.jar,commons-io-2.8.0.jar,json-20160212.jar,httpclient-4.5.2.jar,cryptography-43.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2023-2976, CVE-2018-10237, CVE-2020-8908,...

Oracle Siebel Server (April 2024 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2024 CPU advisory. - Vulnerability in the Siebel Apps - Public Sector product of Oracle Siebel CRM component: Other Google Guava. Supported versions that are affected are 24.2...

Security Bulletin: Vulnerability in Google Guava affects IBM watsonx.data

Summary Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory for file creation in FileBackedOutputStream. By sending a specially crafted request, an attacker could exploit this vulnerability to acce...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in guava-23.0.jar

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of guava-23.0.jar Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default...

Security Bulletin: The IBM QRadar SIEM Amazon Web Services protocol is vulnerable to access restriction bypass and sensitive information exposure (CVE-2020-8908, CVE-2023-2976)

Summary Google Guava is used by IBM QRadar SIEM Amazon Web Services protocol, and it has known vulnerabilities. The issues have been addressed in an update. Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow a remote authenticated attacker to bypass security restrictions,...

Oracle WebCenter Sites (Jul 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Sites installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites Spring Security. The supported...

Security Bulletin: Google Guava vulnerability affect IBM Spectrum Control

Summary Google Guava could allow a local authenticated attacker to obtain sensitive information. This vulnerability affect IBM Spectrum Control. CVE-2023-2976. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive...

CBL Mariner 2.0 Security Update: guava / javapackages-bootstrap (CVE-2023-2976)

The version of guava / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2976 advisory. - Use of Java's default temporary directory for file creation in FileBackedOutputStream...

CVE-2023-2976 affecting package guava for versions less than 25.0-8

CVE-2023-2976 affecting package guava for versions less than 25.0-8. A patched version of the package is available...

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerbility (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw wit...

RHEL 6 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: insecure temporary directory creation CVE-2023-2976 Note that Nessus has not tested for this issue but has...

RHEL 8 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: insecure temporary directory creation CVE-2023-2976 Note that Nessus has not tested for this issue but has...

RHEL 9 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: insecure temporary directory creation CVE-2023-2976 Note that Nessus has not tested for this issue but has...

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Updated guava packages fix security vulnerabilities

A bug that could allow an attacker with access to the machine to potentially access data in a temporary directory created by the Guava. CVE-2020-8908 Predictable temporary files and directories used in FileBackedOutputStream. CVE-2023-2976...