Lucene search
K

22 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 7:41 p.m.5 views

Security Bulletin: Multiple Vulnerabilities affect IBM Tivoli Netcool Impact 7.1.1.0

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool Impact version 7.1.1.1 Vulnerability Details CVEID:CVE-2026-42198 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of...

9.1CVSS6.1AI score0.0077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 11:43 a.m.12 views

Security Bulletin: IBM App Connect for Healthcare is vulnerable to multiple vulnerabilities due to Apache Log4j and Apache Neethi

Summary IBM App Connect for Healthcare is vulnerable to multiple vulnerabilities due to Apache Log4j and Apache Neethi. Vulnerability Details CVEID:CVE-2026-42402 DESCRIPTION: Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Special...

7.5CVSS5.5AI score0.0086EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/20 8:47 p.m.11 views

org.apache.neethi: Apache Neethi: Denial of Service via algorithmic complexity in policy normalization

A flaw was found in Apache Neethi. A remote attacker can exploit this vulnerability by providing specially crafted WS-Policy documents. This triggers an algorithmic complexity issue during policy normalization, leading to an exponential expansion of policy alternatives. This unbounded memory...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/20 8:47 p.m.11 views

org.apache.neethi: Apache Neethi: Denial of Service via circular policy references

A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/20 8:13 p.m.12 views

Security Bulletin: IBM Enterprise Build of Quarkus is affected by multiple vulnerabilities

Summary IBM Enterprise Build of Quarkus is affected by vulnerabilities in the PostgreSQL JDBC driver and Apache Neethi Vulnerability Details CVEID:CVE-2026-42402 DESCRIPTION: Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Speciall...

7.5CVSS5.9AI score0.0077EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/13 7:40 p.m.13 views

CVE-2026-42402

A flaw was found in Apache Neethi. A remote attacker can exploit this vulnerability by providing specially crafted WS-Policy documents. This triggers an algorithmic complexity issue during policy normalization, leading to an exponential expansion of policy alternatives. This unbounded memory...

7.5CVSS5.6AI score0.00711EPSS
Exploits0References4
Veracode
Veracode
added 2026/05/07 10:5 a.m.19 views

Denial Of Service

Apache Neethi is vulnerable to Denial of Service DoS. The vulnerability is due to algorithmic complexity in the policy normalization process, where specially crafted WS-Policy documents trigger exponential Cartesian cross-product expansion, leading to excessive memory allocation and JVM heap...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2026/05/07 8:31 a.m.19 views

Denial Of Service

Apache Neethi is vulnerable to Denial of Service.The vulnerability is due to improper handling of circular references during policy normalization, where recursive policy references are not detected, leading to infinite loops or excessive recursion that can cause stack overflow or application hang...

7.5CVSS5.9AI score0.00763EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/01 9:30 a.m.11 views

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/01 9:30 a.m.5 views

GHSA-2HFH-9H53-QC24 Apache Neethi does not properly detect circular references in policy definitions.

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References4
OSV
OSV
added 2026/05/01 9:30 a.m.5 views

GHSA-G36M-9G3M-2VMP Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 9:16 a.m.4 views

CVE-2026-42402

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS0.00711EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/01 8:54 a.m.5 views

CVE-2026-42402 Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 8:54 a.m.7 views

EUVD-2026-26485

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/01 8:54 a.m.5 views

CVE-2026-42402

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References2
CVE
CVE
added 2026/05/01 8:54 a.m.94 views

CVE-2026-42402

CVE-2026-42402 describes a Denial of Service in Apache Neethi due to algorithmic complexity in policy normalization. Crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion, causing unbounded memory growth and JVM heap exhaustion during normalization when too many...

7.5CVSS5.7AI score0.00711EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/01 8:54 a.m.33 views

CVE-2026-42402 Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts...

7.5CVSS0.00711EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 8:38 a.m.5 views

EUVD-2026-26486

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/01 8:38 a.m.4 views

CVE-2026-42403 Apache Neethi: Circular Policy Reference Infinite Loop

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/01 8:38 a.m.30 views

CVE-2026-42403 Apache Neethi: Circular Policy Reference Infinite Loop

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS0.00763EPSS
Exploits0References1
Rows per page
Query Builder