58 matches found
Security Bulletin: Apache Commons Codec is vulnerable to PRISMA-2021-0055 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Apache Commons Codec which is vulnerable to PRISMA-2021-0055. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validati...
Security Bulletin: A vulnerability in Apache Commons Code affects IBM Robotic Process Automation and may result in a disclosure of sensitive information. (IBM X-Force ID: 177834)
Summary Apache Commons Codec is used by IBM Robotic Process Automation as part of the IBM Licence and Metrics Tool. IBM X-Force ID: 177834 Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the...
maven bug fix and enhancement update
An update is available for plexus-interpolation, httpcomponents-core, maven-wagon, maven, google-guice, jsoup, jansi, apache-commons-io, apache-commons-lang3, maven-shared-utils, plexus-utils, plexus-classworlds, jakarta-annotations, httpcomponents-client, apache-commons-codec, plexus-cipher,...
Security Bulletin: IBM Integration Bus is vulnerable to a remote attack & denial of service due to Apache Thrift & Apache Commons Codec (CVE-2018-1320, CVE-2019-0205, IBM X-Force ID: 177835)
Summary IBM Integration Bus is vulnerable to a remote attack & denial of service due to Apache Thrift & Apache Commons Codec CVE-2018-1320, CVE-2019-0205, IBM X-Force ID: 177835. The fixes include libthrift 0.17.0 & commons-codec version 1.15 Vulnerability Details CVEID:CVE-2018-1320 DESCRIPTION:...
Security Bulletin: Vulnerability in Apache Commons Codec 1.7 shipped with IBM Operations Analytics - Log Analysis
Summary Vulnerability in Apache Commons Codec 1.7 could allow a remote attacker to obtain sensitive information. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input...
Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)
Summary A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. Vulnerability Details...
Security Bulletin: IBM Security Identity Manager virtual appliance is vulnerable to arbitrary code execution due to Apache Log4j and issues in other open source components (CVE-2021-4104)
Summary IBM Security Identity Manager virtual appliance is vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4104. Apache Log4j is used by IBM Security Identity Manager virtual appliance as part of its logging infrastructure. This fix upgrades to Apache Log4j v2.17.1, as well as...
new packages: apache-commons-codec
An update is available for apache-commons-codec. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...
maven:3.6 security and enhancement update
An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...
Security Bulletin: Vulnerability in Apache Commons Codec affects IBM Spectrum Control (177835)
Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. This vulnerability affects IBM Spectrum Control. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Ba...
Security Bulletin: Input Validation Vulnerability in Apache Commons Codec Affects IBM Sterling Connect:Direct for UNIX
Summary An Apache Commons Codec vulnerability for validating input was addressed by IBM Sterling Connect:Direct for UNIX. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper...
Security Bulletin: Apache Commons Codec Vulnerability affects IBM Rational ClearQuest (177835)
Summary IBM Rational ClearQuest is vulnerable to an Apache Commons Codec vulnerability. IBM Rational ClearQuest has addressed the vulnerability. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...
3.6 bug fix and enhancement update
An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Codec
Summary A vulnerability in Apache Commons Codec that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of...
Security Bulletin: IBM Content Manager is affected by a potential information disclosure vulnerability
Summary IBM Content Navigator has addressed the following vulnerability. A potential vulnerability in the Apache Commons Codec module could allow information disclosure. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5...
Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability
Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in Apache Commons Codec Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially...
Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability
Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in Apache Commons Codec Vulnerability Details CVEID: CVE-2020-8237 DESCRIPTION: Node.js json-bigint module is vulnerable to a denial of service, caused by a prototype pollution flaw. By...
Security Bulletin: IBP javaenv and dind images
Summary Versions of IBP images javaenv and dind before 2.5.1 included a version of gradle that depended upon vulnerable Apache libraries. Gradle is a build system, intended to aid in building chaincode, though not required for building chaincode. Vulnerability Details CVEID: CVE-2020-1953...
Security Bulletin: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input.
Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information. Vulnerability Details Third Party Entry: 177835 DESCRIPTION:...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Commons Codec
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Commons Codec. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...