Lucene search
K

216 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 10:27 p.m.33 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Node.js (CVE-2023-25883)

Summary This security vulnerability affects a required node.js module within IBM Event Streams UI component. CVE-2023-25883 Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS...

7.8CVSS7.4AI score0.02761EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 10:26 p.m.30 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Node.js Module._load() module (CVE-2023-32002)

Summary This security vulnerability affects a required node.js module within IBM Event Streams UI component. CVE-2023-32002 Vulnerability Details CVEID:CVE-2023-32002 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the use of Module.load. By sending a...

9.8CVSS9.3AI score0.0143EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 10:25 p.m.33 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in cURL libcurl (CVE-2023-28321)

Summary This security vulnerability affects the base image being used to build IBM Event Stream images. CVE-2023-28321 Vulnerability Details CVEID:CVE-2023-28321 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when listed as "Subject...

5.9CVSS6.4AI score0.0181EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/24 11:35 a.m.31 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Node.js ChromeDriver module (CVE-2023-26156)

Summary This security vulnerability affects a required node.js module within IBM Event Streams UI component. Vulnerability Details CVEID: CVE-2023-26156 DESCRIPTION: Node.js ChromeDriver module could allow a remote attacker to execute arbitrary commands on the system, caused by a command injectio...

7.5CVSS8AI score0.02233EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/06 1:52 p.m.39 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in a component (Apache Avro Java SDK)

Summary avro is used by IBM Event Streams as part of dependencies under Java CVE-2023-39410. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:...

7.5CVSS8.2AI score0.01772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/11 11:44 a.m.33 views

Security Bulletin: IBM Event Streams is affected by a libcurl vulnerability

Summary cURL libcurl is used by IBM Event Streams as part of the Operating System CVE-2023-27536. The library supports retrieving data in-memory, downloading to disk, or streaming using the R "connection" interface. This bulletin identifies the steps to take to address the vulnerability...

5.9CVSS7.2AI score0.01566EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/11 11:43 a.m.37 views

Security Bulletin: IBM Event Streams is affected by libcurl vulnerability

Summary cURL libcurl is used by IBM Event Streams as part of the Operating System CVE-2023-27535. The library supports retrieving data in-memory, downloading to disk, or streaming using the R "connection" interface. This bulletin identifies the steps to take to address the vulnerability...

5.9CVSS7.2AI score0.01607EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/10 1:51 p.m.63 views

Security Bulletin: IBM Event Streams is affected by a denial of service due to OpenSSL vulnerabilities

Summary Openssl is used by IBM Event Streams as part of the Operating System CVE-2022-4450, CVE-2023-0216. This is a library that provides secure communication. Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error relat...

7.5CVSS7.6AI score0.20444EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 2:39 p.m.39 views

Security Bulletin: IBM Event Streams is affected by a libcurl vulnerability

Summary cURL libcurl is used by IBM Event Streams as part of the Operating System CVE-2023-27534. The library supports retrieving data in-memory, downloading to disk, or streaming using the R "connection" interface. Vulnerability Details CVEID:CVE-2023-27534 DESCRIPTION: cURL libcurl could allow ...

8.8CVSS8.4AI score0.02195EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 2:34 p.m.54 views

Security Bulletin: IBM Event Streams is affected by multiple openssl vulnerabilities

Summary Openssl is used by IBM Event Streams as part of the Operating System CVE-2022-4304, CVE-2023-0215, CVE-2023-0286. This is a library that provides secure communication. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...

7.5CVSS7.5AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:37 a.m.56 views

Security Bulletin: IBM Event Streams is vulnerable to denial of service attacks due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454)

Summary IBM Event Streams is affected by snappy-java vulnerabilities CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a special...

7.5CVSS7.1AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:35 a.m.60 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to Golang Go (CVE-2023-29409)

Summary IBM Event Streams is affected by Golang Go vulnerability CVE-2023-29409 Vulnerability Details CVEID:CVE-2023-29409 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificat...

5.3CVSS6.4AI score0.01328EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 4:29 p.m.47 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Golang Go (CVE-2023-29406)

Summary Vulnerabilities in golang before 1.19.11 affect the golang component that is used by IBM Event Streams CVE-2023-29406. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-29406 DESCRIPTION: Golang Go is vulnerable to HTTP header injection, caused by improper conten...

6.5CVSS7AI score0.0125EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 4:26 p.m.35 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Node.js Request package (CVE-2023-28155)

Summary A vulnerability in Node.js Request package through 2.88.1 affects the Node.js component that is used by IBM Event Streams CVE-2023-28155. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-28155 DESCRIPTION: Node.js Request module is vulnerable to server-side...

6.1CVSS6.1AI score0.00719EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 9:43 a.m.60 views

Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Node.js

Summary Vulnerabilities in node.js before 18.16.1 affect the Node.js component that is used by IBM Event Streams CVE-2023-30581, CVE-2023-30589, CVE-2023-30585, CVE-2023-30590, CVE-2023-30588. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-30589 DESCRIPTION: Node....

7.5CVSS8.1AI score0.03906EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/25 6:12 a.m.57 views

Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Golang Go

Summary Vulnerabilities in golang before 1.19.10 affect the golang component that is used by IBM Event Streams CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a...

9.8CVSS9.5AI score0.01837EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/25 6:6 a.m.49 views

Security Bulletin: IBM Event Streams is affected by multiple Golang Go vulnerabilities

Summary There are a number of vulnerabilities in Golang Go used by IBM Event Streams CVE-2023-29400, CVE-2023-24540, CVE-2023-24539, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-24540 DESCRIPTION: Go is vulnerable ...

9.8CVSS9.9AI score0.02281EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 2:55 p.m.41 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to Golang Go (CVE-2022-41723)

Summary IBM Event Streams is affected by golang / golang-xnet vulnerability for version 0.7.0 CVE-2022-41723 Vulnerability Details CVEID:CVE-2022-41723 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream,...

7.5CVSS7.4AI score0.04561EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 2:52 p.m.24 views

Security Bulletin: IBM Event Streams is affected by multiple Semaru Java vulnerabilities

Summary IBM Event Streams has addressed the following IBM Semaru Java vulnerabilities before version 17.0.7.0 CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

9.1CVSS8.5AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 11:9 a.m.32 views

Security Bulletin: IBM Event Streams is affected by vulnerabilities in Golang Go (CVE-2022-41724, CVE-2023-24532)

Summary These security vulnerabilities affect Golang Go that is used by IBM Event Streams. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handsha...

7.5CVSS8AI score0.01111EPSS
Exploits0Affected Software1
Rows per page
Query Builder