Lucene search
+L

72 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/27 9:4 a.m.18 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 288 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0...

5.9CVSS7.6AI score0.00404EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/06 5:42 a.m.13 views

Security Bulletin: IBM Observability with Instana is vulnerable to Improper Validation of Specified Type of Input

Summary Golang Go is used by IBM Instana Observability as part of the elasticsearch-operator CVE-2024-24790 . This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods...

9.8CVSS7.1AI score0.01952EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/28 3:48 p.m.45 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 284 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory leak when allowing HTTP/2 server push. By sending a specially...

9.8CVSS9.4AI score0.36081EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/18 3:4 p.m.36 views

Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana in build 1.285.0 Vulnerability Details CVEID:CVE-2021-40690 DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the...

8.8CVSS8.9AI score0.1121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/23 3:56 p.m.26 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 283 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorre...

9.1CVSS8.4AI score0.1121EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/17 8:54 a.m.25 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 283 Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regula...

8.8CVSS7.3AI score0.02617EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/17 8:51 a.m.49 views

Security Bulletin: IBM Observability with Instana for Self-Hosted Standard Edition is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana for Self-Hosted Standard Edition 281. Vulnerability Details CVEID:CVE-2022-41722 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by a flaw in the filepath.Clean...

7.5CVSS9.6AI score0.03796EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/16 8:10 a.m.29 views

Security Bulletin: IBM Observability with Instana for Self-Hosted Standard Edition is affected by multiple Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana for Self-Hosted Standard Edition 281 CVE-2024-24790, CVE-2023-24538, CVE-2023-24540, CVE-2022-1996 Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivat...

9.8CVSS8.4AI score0.02737EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 1:30 p.m.31 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 282 Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivate, IsLoopback, etc did not work as expected for...

9.8CVSS7.9AI score0.01952EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/30 1:25 p.m.43 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 279 Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with cookie request header not stripped...

8.1CVSS6.9AI score0.02974EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/18 11:16 a.m.37 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 277. Vulnerability Details CVEID:CVE-2023-47038 DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the user-defined...

7.8CVSS8.6AI score0.03028EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/18 11:15 a.m.25 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 277 Vulnerability Details CVEID:CVE-2022-40152 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote...

7.5CVSS7.7AI score0.19653EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/18 11:13 a.m.27 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 277 Vulnerability Details CVEID:CVE-2024-37890 DESCRIPTION: Node.js ws module is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially crafted reques...

8.1CVSS7.9AI score0.08279EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/10 7:59 a.m.47 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 275. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw when using the HttpPostRequestDecoder to decode a form. By sending a specially...

8.8CVSS9.2AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/04 7:29 a.m.28 views

Security Bulletin: IBM Instana Observability is vulnerable to Improper Input Validation due to Apache Avro Java SDK

Summary Vulnerability in Apache Avro Java SDK was remediated in IBM Observability with Instana Build 275. CVE-2023-39410 Vulnerability Details CVEID:CVE-2023-39410 DESCRIPTION: Apache Avro Java SDK could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...

7.5CVSS8.4AI score0.01772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/13 6:21 a.m.47 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 273. Vulnerability Details CVEID:CVE-2023-6516 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an out-of-memory condition. By using specific...

7.5CVSS8.4AI score0.99995EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/31 6:13 a.m.34 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 274 Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially...

8.1CVSS7.6AI score0.02617EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/30 11:23 a.m.49 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 273 Vulnerability Details CVEID:CVE-2021-32052 DESCRIPTION: Django is vulnerable to HTTP header injection, caused by improper validation of input in URLValidator. By persuading a victim to visit a...

7.5CVSS9.6AI score0.99999EPSS
Exploits28Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/20 6:22 a.m.64 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 271. Vulnerability Details CVEID:CVE-2024-1023 DESCRIPTION: Eclipse Vert.x is vulnerable to a denial of service, caused by a memory leak due to the use of Netty...

6.5CVSS7AI score0.01639EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/13 2:38 p.m.47 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 272 Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker...

8.1CVSS7.4AI score0.0138EPSS
Exploits3Affected Software1
Rows per page
Query Builder