161 matches found
Security Bulletin: Vulnerability in Waitress affects IBM Process Mining (CVE-2024-49768)
Summary There is a vulnerability in Waitress that could allow a remote attacker to bypass a protection mechanism and cause a symlink attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.0.1
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.1 Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding'...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Jan 2025
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.0 IF001 Vulnerability Details CVEID:CVE-2024-43796 DESCRIPTION: expressjs express is vulnerable to cross-site scripting, caused by improper...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Oct 2024
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF003 Vulnerability Details CVEID:CVE-2018-15209 DESCRIPTION: LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Sept 2024
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF002 Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001
Summary The following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001 Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to strip the Proxy-Authorization...
Security Bulletin: Vulnerability in tqdm affects IBM Process Mining CVE-2024-34062
Summary There is a vulnerability in tqdm that could allow an local authenticated attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-34062...
Security Bulletin: Vulnerability in Jinja affects IBM Process Mining CVE-2024-34064
Summary There is a vulnerability in Jinja that could allow an attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerabili...
Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30171
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability...
Security Bulletin: Vulnerability in Apache Commons Compress affects IBM Process Mining Multiple CVEs
Summary There is a vulnerability in Apache Commons Compress that could allow an remote attacker exploit to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...
Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-34447
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to perform a DNS poisoning attack on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Vulnerability in Netty affects IBM Process Mining CVE-2024-29025
Summary There is a vulnerability in Netty that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-29025...
Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30172
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...
Security Bulletin: Vulnerability in Pydantic affects IBM Process Mining CVE-2024-3772
Summary There is a vulnerability in Pydantic that could allow an attacker to cause a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-3772 DESCRIPTION:...
Security Bulletin: Vulnerability in Node.js affects IBM Process Mining CVE-2024-28849
Summary There is a vulnerability in Node.js that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM Process Mining CVE-2024-22262
Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow a remote attacker to conduct phishing attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Vulnerability in Gunicorn affects IBM Process Mining CVE-2024-1135
Summary There is a vulnerability in Gunicorn that could allow an attacker to conduct XSS attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicor...
Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-29857
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Vulnerability in sqlparse affects IBM Process Mining CVE-2024-4340
Summary There is a vulnerability in sqlparse that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-4340...