Security Bulletin: Astronomer with IBM is vulnerable to leaked credentials due to the requests package (CVE-2024-47081).

Summary Requests is used by Astronomer with IBM as part of the HTTP processing functionality. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific...

AZL-42162 CVE-2024-4323 affecting package fluent-bit for versions less than 2.2.3-1

A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution...

IBM Answer Retrieval for Watson Discovery On Prem 环境问题漏洞

IBM Answer Retrieval for Watson Discovery On Prem is a microservices-based, cloud-native solution from International Business Machines IBM. IBM Answer Retrieval for Watson Discovery On Prem suffers from an environmental issue vulnerability that stems from the llhttp parser in the HTTP module not...

CVE-2017-16597

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the...

Sybase OneBridge Mobile Data Suite format string vulnerability

Format string vulnerability during IMAPs/SMTPs requests parsing...