Security Bulletin: ThreeTen Backport vulnerability has been identified in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-23081,CVE-2024-23082)

Summary There is a potential denial of service vulnerability in ThreeTen Backport that is used by Apache Solr in IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-23082 DESCRIPTION: ThreeTen Backport is vulnerable to a denial of service, caused by an integer overflow in...

threetenbp: null pointer exception

A null pointer exception vulnerability was found in Threeten Backport. If the other parameter is null in ChronoLocalDate, a NullPointerException is thrown...

Security Bulletin: IBM Automation Decision Services for May 2024 - Multiple CVEs addressed

Summary "IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed." Vulnerability Details CVEID:CVE-2024-288...

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues due to Apache Commons Configuration and Fasterxml jackson-databind

Summary There are vulnerabilities in Apache Commons Configuration and Fasterxml jackson-databind used by Install Agent, Integrated File Agent and Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the...

NULL Pointer Dereference

ThreeTen Backport is vulnerable to NULL Pointer Dereference. The vulnerability is due to missing null value checks in the org.threeten.bp.LocalDate::compareToChronoLocalDate method, resulting in a NullPointerException if an attacker can pass a null value to the method...

Integer Overflow

ThreeTen backport is vulnerable to integer overflow. The vulnerability is due to missing string validation in the org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition method, which returns a StringIndexOutOfBoundsException if the CharSequence is empty...

CVE-2024-23081

A null pointer exception vulnerability was found in Threeten Backport. If the other parameter is null in ChronoLocalDate, a NullPointerException is thrown. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security...

CVE-2024-23081

ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...

CVE-2024-23081

ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...

CVE-2024-23081

ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...

CVE-2024-23082

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a...

CVE-2024-23082

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a...

CVE-2024-23082

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a...

ThreeTen backport project 安全漏洞

ThreeTen backport project is a simple backport for ThreeTen open source. A security vulnerability exists in ThreeTen backport project version v1.6.8, which stems from a null pointer exception contained in the component org.Threeten.bp.LocalDate compareToChronoLocalDate...

CVE-2024-23082

CVE-2024-23082 concerns ThreeTen Backport v1.6.8, with an integer overflow in DateTimeFormatter.parse(CharSequence, ParsePosition). Multiple sources dispute the vulnerability’s existence; no solid public exploit details are provided in the documents. Red Hat/IBM postings flag a potential denial-o...

PT-2024-19661 · Unknown · Threeten Backport

Name of the Vulnerable Software and Affected Versions: ThreeTen Backport version 1.6.8 Description: The issue is related to an integer overflow in the org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition component. However, it is noted that the existence of this issue is...

ThreeTen backport project 安全漏洞

ThreeTen backport project is a simple backport for ThreeTen open source. A security vulnerability exists in ThreeTen backport project version v1.6.8, which stems from a null pointer exception contained in the component org. Threeten.bp.format.DateTimeFormatter parseCharSequence, ParsePosition...

CVE-2024-23081

ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...

CVE-2024-23082

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a...

PT-2024-19660 · Unknown · Threeten Backport

Name of the Vulnerable Software and Affected Versions: ThreeTen Backport version 1.6.8 Description: A NullPointerException was discovered in the component org.threeten.bp.LocalDate::compareToChronoLocalDate. However, the existence of this issue is disputed by multiple third parties due to...