16 matches found
ROOT-APP-MAVEN-CVE-2024-38809 CVE-2024-38809 in io.root.org.springframework:spring-web - Patched by Root
Root has patched CVE-2024-38809 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a denial of service in VMware Tanzu Spring [CVE-2024-38809]
Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in VMware Tanzu Spring, caused by improper input validation CVE-2024-38809. VMware Tanzu Spring is used in our Speech microservices. This vulnerabilitiy has been addressed. Please read the details for remediation...
Linux Distros Unpatched Vulnerability : CVE-2024-38809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that parse ETags from If-Match or If-None-Match request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Spring Framework [CVE-2024-38809]
Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Spring Framework, caused by improper input validation CVE-2024-38809. Spring Framework is used by our Speech Microservices. This vulnerabilitiy has been addressed. Please read the details for remediation below...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-web-6.1.11.jar CVE-2024-38809
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-web-6.1.11.jar CVE-2024-38809. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38809 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denia...
Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2024-38808,CVE-2024-38809).
Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager CVE-2024-38808,CVE-2024-38809. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38809 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service,...
CVE-2024-38809
creationtimestamp| type| source ---|---|--- 2024-09-27 20:05:03+00:00| seen| https://t.me/cvedetector/6564...
CVE-2024-38809 vulnerabilities
Vulnerabilities for packages: thingsboard, apache-nifi...
CVE-2024-38809
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers,...
CVE-2024-38809
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers,...
ai.optfor:spring-openai-api (>=0.1 <=0.3.25), am.ik.s3:simple-s3-client (>=0.1.0 <=0.1.1) +4182 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=6.0.0 <=6.0.22)
org.springframework:spring-web MAVEN version =6.0.0, =0.1, =0.1.0, =0.2.3, =0.2.3, =0.0.6, =0.0.6, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =1.5.0.RELEASE, =3.0.0, =3.1.1 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...
ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.70.0 <=0.74.0), ai.ancf.lmos:arc-runner (=0.73.0) +3489 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=6.1.0 <=6.1.11)
org.springframework:spring-web MAVEN version =6.1.0, =0.70.0, =0.1.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.8.7 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +36951 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=1.2.1 <=5.3.37)
org.springframework:spring-web MAVEN version =1.2.1, =1.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...
Spring Framework < 5.3.39 / 6.0.x < 6.0.23 / 6.1.x < 6.1.12 HTTP Request DoS (CVE-2024-38809)
The remote host contains a Spring Framework version prior to 5.3.39, 6.0.x prior to 6.0.23, or 6.1.x prior to 6.1.12. It is, therefore, affected by an HTTP Request DoS vulnerability: - Applications that parse ETags from 'If-Match' or 'If-None-Match' request headers are vulnerable to DoS attack...
VMware Spring Framework < 5.3.38, 6.0.x < 6.0.23, 6.1.x < 6.1.12 DoS Vulnerability - Windows
The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Spring Framework < 5.3.38, 6.0.x < 6.0.23, 6.1.x < 6.1.12 DoS Vulnerability - Linux
The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...