Security Bulletin: Multiple vulnerabilities in IBM Aspera Console

Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.8. Vulnerability Details CVEID:CVE-2025-61780 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in...

PT-2024-2426 · Unknown · Jupyter Server Proxy

Name of the Vulnerable Software and Affected Versions: Jupyter Server Proxy versions prior to 3.2.3 Jupyter Server Proxy versions prior to 4.1.1 Description: The issue is related to the lack of proper user authentication when proxying websockets in Jupyter Server Proxy. This allows unauthenticate...

PT-2023-20577 · Apache · Apache Couchdb

Name of the Vulnerable Software and Affected Versions: Apache CouchDB versions prior to 3.2.3 Apache CouchDB versions prior to 3.3.2 Description: Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design...

SUSE CVE-2021-37404

There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...

OESA-2022-2016 hadoop security update

Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is designed to scale up from single servers to thousands of machines, each offering local computation and storage. Security Fixes: In Apache...

GHSA-RMPJ-7C96-MRG8 Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2

There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...