Lucene search
K

28 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 11:26 a.m.7 views

Security Bulletin: Due to the use of jackson-core, IBM webMethods BPM and IBM webMethods Integration are vulnerable to multiple vulnerabilities

Summary IBM webMethods BPM and IBM webMethods Integration are dependant on jackson-databind which is affected by a known vulnerabilities WS-2022-0468, CVE-2022-42004, CVE-2022-42003, CVE-2023-35116. This security bulletin provides guidance on addressing the vulnerability. Vulnerability Details...

7.5CVSS6.7AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/14 7:59 p.m.19 views

Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to denial of service due to the FasterXML jackson-databind package (CVE-2023-35116)

Summary Jackson-databind is used by IBM DataStage on Cloud Pak for Data as part of data processing. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to open a specially...

4.7CVSS4.8AI score0.00352EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/13 11:10 p.m.10 views

Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to denial of service due to the FasterXML jackson-databind package (CVE-2023-35116)

Summary Jackson-databind is used by IBM DataStage on Cloud Pak for Data as part of data processing. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to open a specially...

4.7CVSS4.8AI score0.00352EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-35116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies...

4.7CVSS6.2AI score0.00352EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/14 4:36 p.m.22 views

Security Bulletin: IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service

Summary IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to ope...

4.7CVSS6.5AI score0.00352EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/19 6:12 p.m.29 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update

Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.6AI score0.01762EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:36 a.m.26 views

Security Bulletin: Fasterxml jackson-databind vulnerability affect IBM Spectrum Control

Summary Fasterxml jackson-databind is vulnerable to a denial of service. This vulnerability affect IBM Spectrum Control. CVE-2023-35116. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/01 12:0 a.m.62 views

Splunk Enterprise 9.0.0 < 9.0.9, 9.1.0 < 9.1.4, 9.2.0 < 9.2.1 (SVD-2024-0718)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0718 advisory. - jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted objec...

9.8CVSS7.9AI score0.10608EPSS
Exploits13References24
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 9 : jackson-databind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jackson-databind: denial of service via cylic dependencies CVE-2023-35116 Note that Nessus has not tested for this...

4.7CVSS7.3AI score0.00352EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 6 : jackson-databind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jackson-databind: denial of service via cylic dependencies CVE-2023-35116 Note that Nessus has not tested for this...

4.7CVSS6.9AI score0.00352EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/05/06 2:10 p.m.93 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.1CVSS7.1AI score0.14286EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.70 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.6AI score0.99999EPSS
Exploits61References66
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.35 views

Oracle Business Intelligence Enterprise Edition (April 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...

7.5CVSS6.4AI score0.0232EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/21 9:37 a.m.40 views

Security Bulletin: Due to the use of jackson-databind, IBM CICS Transaction Gateway for Multiplatforms is vulnerable to a denial of service (CVE-2023-35116).

Summary There is a vulnerability in jackson-databind which is shipped as part of IBM CICS Transaction Gateway for Multiplatforms. An update to IBM CICS Transaction Gateway for Multiplatforms has been released to address the vulnerability. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION:...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/19 8:5 a.m.28 views

Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2023-35116)

Summary IBM Sterling Connect:Direct Web Services uses FasterXML jackson-databind. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/02/07 3:32 p.m.48 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update

Migration Toolkit for Runtimes 1.2.4 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.6AI score0.02761EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 2:2 p.m.34 views

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. This update addresses these CVEs. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused...

7.5CVSS7.5AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:29 p.m.35 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to denial of service due to jackson-databind, okio (CVE-2022-42003, CVE-2023-35116, CVE-2023-3635)

Summary Java libraries jackson-databind and okio are used by IBM Storage Fusion HCI for logging. Vulnerabilities in these libraries could lead to Denial of Service as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION:...

7.5CVSS6.7AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:25 p.m.30 views

Security Bulletin: IBM Storage Fusion may be vulnerable to denial of service due to jackson-databind, okio (CVE-2022-42003, CVE-2023-35116, CVE-2023-3635)

Summary Java libraries jackson-databind and okio are used by IBM Storage Fusion for logging. Vulnerabilities in these libraries could lead to Denial of Service as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXM...

7.5CVSS6.7AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:26 a.m.47 views

Security Bulletin: IBM Jazz Reporting Service is vulnerable to a denial of service (CVE-2023-35116)

Summary The fix includes a new version of the jackson-databind runtime that resolves the specified vulnerability. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to op...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
Rows per page
Query Builder