Lucene search
+L

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/06 1:44 p.m.7 views

Security Bulletin: Due to use of spring-boot-autoconfigure-3.5.13.jar, IBM Sterling Connect:Direct Web Services is vulnerable to not perform hostname verification.

Summary spring-boot-autoconfigure-3.5.13.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-40971, CVE-2026-40974. Vulnerability Details CVEID:CVE-2026-40971 DESCRIPTION: When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname...

9.8CVSS5.5AI score0.00182EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/04/27 11:31 p.m.35 views

CVE-2026-40974

Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16, 3.3.0–3.3.18 fix 3.3.19, 2.7.0–2.7.32 fix 2.7.33; Cassandra SSL...

5CVSS0.00182EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 11:31 p.m.2 views

CVE-2026-40974

Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16, 3.3.0–3.3.18 fix 3.3.19, 2.7.0–2.7.32 fix 2.7.33; Cassandra SSL...

5CVSS6AI score0.00182EPSS
Exploits0References3
Circl
Circl
added 2026/04/24 1:35 p.m.6 views

CVE-2026-40974

creationtimestamp| type| source ---|---|--- 2026-04-24 13:35:33+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mkanfgg2pj2e 2026-06-12 12:55:06+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mo3ry7mosb27...

9.8CVSS4.9AI score0.00182EPSS
Exploits0References2
Rows per page
Query Builder