118 matches found
Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.
Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945 Vulnerability Details CVEID:CVE-2024-2095...
Security Bulletin: vulnerability in OpenSSL affects IBM Workload Automation.
Summary IBM Workload Automation is potentially affected by a vulnerability in OpenSSL that can cause denial of service CVE-2023-6129 Vulnerability Details CVEID:CVE-2023-6129 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the POLY1305 MAC message authentication cod...
Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.
Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2023-22081, CVE-2023-22067, CVE-2023-5676 Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Ja...
Security Bulletin: vulnerability in OpenSSL affects IBM Workload Automation.
Summary IBM Workload Automation has updated OpenSSL to address vulnerability CVE-2023-5678 Vulnerability Details CVEID:CVE-2023-5678 DESCRIPTION: Openssl is vulnerable to a denial of service, caused by a flaw when using DHgeneratekey function to generate an X9.42 DH key. By sending a specially...
Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.
Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597...
Security Bulletin: IBM Workload Automation is potentially affected by a vulnerability in OpenSSL that might cause Denial of Service
Summary IBM Workload Automation is potentially affected by multiple vulnerabilities in OpenSSL that could cause Denial of Service CVE-2023-4807, CVE-2023-3817 Vulnerability Details CVEID:CVE-2023-4807 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a state corruption flaw in...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Automation.
Summary IBM Workload Automation has updated OpenSSL to address multiple vulnerabilities. CVE-2023-2650, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly...
Security Bulletin: IBM Workload Automation affected by multiple vulnerabilities in RHEL (CVE-2023-32681, CVE-2022-48468)
Summary IBM Workload Automation container solution is affectedby multiple vulnerabilities found in RHEL. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to...
GHSA-5MP4-32RR-V3X5 Absolute path traversal vulnerability in digdag server
Summary Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. Impact This issue may lead to Information Disclosure...
Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Google Guava (CVE-2023-2976)
Summary IBM Workload Automation is potentially affected by a vulnerability found in Google Guava that can cause sensitive information disclosure. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused ...
Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)
Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...
CVE-2023-28009
HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2023-28009
HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2023-28008
HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
Xxe
HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
Xxe
HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2023-28009
CVE-2023-28009 affects HCL Workload Automation. The vulnerability is an XML External Entity (XXE) injection in the XML processing path. Impact stated in sources: potential exposure of sensitive information and/or memory/resource exhaustion. Exploitation details are not provided in the documents; ...
CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection
HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection
HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2023-28008
CVE-2023-28008 affects HCL Workload Automation versions 9.4, 9.5, and 10.1 where XML data is processed. The root cause is XML External Entity (XXE) injection in the XML processing path, enabling a remote attacker to access sensitive information or exhaust memory resources as described across mult...