Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/31 3:23 p.m.6 views

Security Bulletin: IBM Event Streams is vulnerable to Weak Encryption (CVE-2025-45767)

Summary IBM Event Streams is vulnerable to weak encryption due to the JOSE library. JOSE is used for JSON Object Signing and Encryption in token-based authentication. Vulnerability Details CVEID:CVE-2025-45767 DESCRIPTION: jose v6.0.10 was discovered to contain weak encryption. NOTE: this is...

7CVSS7AI score0.00145EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/16 10:13 a.m.30 views

Security Bulletin: IBM Maximo Application Suite uses jose-2.0.7.tgz, protobuf-3.20.3-py2.py3-none-any.whl and codemirror-6.0.1.tgz which is vulnerable to CVE-2025-45767, CVE-2025-4565 and CVE-2025-6493.

Summary IBM Maximo Application Suite uses jose-2.0.7.tgz, protobuf-3.20.3-py2.py3-none-any.whl and codemirror-6.0.1.tgz which is vulnerable to CVE-2025-45767, CVE-2025-4565 and CVE-2025-6493. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

8.2CVSS6.7AI score0.00448EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/08/01 3:15 p.m.2 views

CVE-2025-45767

jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim of "do not meet recommended security standards" does not reflect guidance in a final publication...

7CVSS6.5AI score
Exploits0References6
CVE
CVE
added 2025/08/01 12:0 a.m.43 views

CVE-2025-45767

CVE-2025-45767: jose v6.0.10 is associated with weak encryption. The Connected IBM bulletins confirm this CVE across IBM Concert/Events/Watsonx contexts and recommend upgrading to newer Jose-bearing releases (e.g., IBM Event Streams 12.1.0; IBM watsonx Cartridges 5.3.0 or later; IBM Concert Softw...

7CVSS6.6AI score0.00145EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/01 12:0 a.m.4 views

CVE-2025-45767

jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim of "do not meet recommended security standards" does not reflect guidance in a final publication...

7CVSS5.5AI score0.00145EPSS
Exploits0
Rows per page
Query Builder