8 matches found
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache ZooKeeper
Summary Multiple vulnerabilities in Apache ZooKeeper that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2026-24281 DESCRIPTION: Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing...
CLEANSTART-2026-KV09488 Security fixes for CVE-2026-23865, CVE-2026-23868, CVE-2026-24281, CVE-2026-24308, CVE-2026-34479, CVE-2026-42577, ghsa-355h-qmc2-wpwf, ghsa-3pxv-7cmr-fjr4, ghsa-445c-vh5m-36rj, ghsa-6hg6-v5c8-fphq, ghsa-72hv-8253-57qq, ghsa-h383-gmxw-35v2, ghsa-rwm7-x88c-3g2p, ghsa-w35j-pv5h-q9q9 applied in versions: 9.10.1-r1, 9.10.1-r2
Multiple security vulnerabilities affect the solr package. These issues are resolved in later releases. See references for individual vulnerability details...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update
Red Hat AMQ Broker 7.13.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2026-24308 vulnerabilities
Vulnerabilities for packages: kserve-modelmesh, apache-activemq-artemis, apache-nifi, solr, trino, thingsboard, spark, zookeeper, akhq, strimzi-kafka-operator, druid, apache-pulsar, tez...
CVE-2026-24308 vulnerabilities
Vulnerabilities for packages: spark-fips, spark-kubernetes-operator, apache-pulsar-fips, wso2is, pinot, apache-pulsar, apache-nifi, solr, strimzi-kafka-operator, druid, akhq, apache-activemq-artemis, spark, zookeeper, kafka, seata, zookeeper-fips, kserve-modelmesh, tez, thingsboard, trino,...
CVE-2026-24308
A flaw was found in Apache ZooKeeper. Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information. This occurs when sensitive client configuration values are logged at an INFO level in the client's logfile. This vulnerability can lead to information...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +1206 more potentially affected by CVE-2026-24308 via org.apache.zookeeper:zookeeper (>=3.8.0 <=3.8.5)
org.apache.zookeeper:zookeeper MAVEN version =3.8.0, =3.10.0.5, =0.1.0, =0.2.6, =0.0.33, =0.0.82, =0.0.33, =0.0.33, =0.0.33, =0.6.2, =0.6.0, =0.7.1 and more Source cves: CVE-2026-24308 Source advisory: OSV:GHSA-CRHR-QQJ8-RPXC...
CVE-2026-24308
creationtimestamp| type| source ---|---|--- 2026-03-07 08:16:07+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-24308 2026-03-07 10:30:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116187426198968970 2026-03-07 10:30:33+00:00| seen|...