Lucene search
K

390 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/05/02 7:25 p.m.37 views

Security Bulletin: Apache Commons Compress is vulnerable to CVE-2024-26308 and CVE-2024-25710 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Apache Commons Compress which is vulnerable to CVE-2024-26308 and CVE-2024-25710. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress ...

8.1CVSS6.7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/30 9:45 p.m.32 views

Security Bulletin: Vulnerabilities in Apache Commons Compress and PostgreSQL might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Apache Commons Compress and PostgreSQL. Vulnerabilities include causing a denial of service condition, and executing arbitrary SQL functions as the command issuer, as described by the CVEs in the "Vulnerability Details...

8.1CVSS8.2AI score0.01465EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/30 7:32 a.m.34 views

Security Bulletin: Multiple vulnerabilities in Apache Commons Compress may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2024-26308 & CVE-2024-25710)

Summary There are multiple vulnerabilities in Apache Commons Compress used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compre...

8.1CVSS7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/24 11:55 a.m.27 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for March 2023.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF003. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victim to open a specially...

8.1CVSS7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/24 9:6 a.m.25 views

Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)

Summary Vulnerabilities in Apache Commons Compress may affect IBM Storage Insights. Vulnerabilities include denial of service attacks, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to ...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/19 2:34 p.m.33 views

Security Bulletin: IBM i Access Client Solutions is vulnerable to an infinite loop or out of memory error due to vulnerabilities in Apache Commons Compress.

Summary IBM i Access Client Solutions is vulnerable to an infinite loop CVE-2024-25710 or an out of memory error CVE-2024-26308 in Apache Commons Compress. Apache Commons Compress is used by the Data Transfer feature of IBM i Access Client Solutions when transferring data from reading xls and xls...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.49 views

Oracle Primavera Gateway (April 2024 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to...

7.5CVSS6.5AI score0.01449EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.100 views

Oracle Primavera Unifier (April 2024 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as...

8.8CVSS7.2AI score0.99999EPSS
Exploits23References7
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:6 p.m.31 views

Security Bulletin: IBM DevOps Deploy / IBM Urbancode Deploy (UCD) is vulnerable to denial of service due to Apache Commons Compress ( CVE-2024-25710, CVE-2024-26308 )

Summary Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw. Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.6 views

The vulnerability of the Apache Commons Compress library, related to uncontrolled resource consumption, allows attackers to influence the accessibility of protected information.

The vulnerability of the Apache Commons Compress library is related to an uncontrolled resource consumption during the decompression of a corrupted Pack200 file. Exploiting this vulnerability allows an attacker to compromise the accessibility of protected information...

5.5CVSS6.6AI score0.00898EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2024/04/09 6:41 a.m.1 views

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

A loop with an unreachable exit condition Infinite Loop vulnerability was found in Apache Common Compress. This issue can lead to a denial of service...

8.1CVSS6.8AI score0.00441EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/04 5:47 p.m.40 views

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a denial of service due to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)

Summary Apache Commons Compress is shipped with IBM Tivoli Netcool Impact as part of it's server communication infrastructure. Information about security vulnerabilities affecting Apache Commons Compress has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-25710...

8.1CVSS7AI score0.00898EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/04/03 10:53 a.m.44 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.11 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

10CVSS7AI score0.0481EPSS
Exploits0References16
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/02 10:47 a.m.39 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.1 addresses multiple existing security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.1 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-24680 DESCRIPTION: Django is vulnerable to a denial of service,...

9.8CVSS8.2AI score0.32257EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/28 5:47 p.m.33 views

Security Bulletin: IBM Automation Decision Services - March 2024 - CVE-2024-26308, CVE-2024-25710

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress...

8.1CVSS6.5AI score0.00898EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/03/26 11:15 a.m.5 views

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

A loop with an unreachable exit condition Infinite Loop vulnerability was found in Apache Common Compress. This issue can lead to a denial of service...

8.1CVSS6.8AI score0.00441EPSS
Exploits0References6
Amazon
Amazon
added 2024/03/21 12:0 a.m.5 views

Important: apache-commons-compress

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

8.1CVSS6.9AI score0.00441EPSS
Exploits0
Amazon
Amazon
added 2024/03/21 12:0 a.m.5 views

Important: apache-commons-compress

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

8.1CVSS8.2AI score0.00441EPSS
Exploits0
Amazon
Amazon
added 2024/03/21 12:0 a.m.6 views

Important: javapackages-bootstrap

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

8.1CVSS8.2AI score0.00441EPSS
Exploits0
Amazon
Amazon
added 2024/03/21 12:0 a.m.4 views

Important: javapackages-bootstrap

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

8.1CVSS6.9AI score0.00441EPSS
Exploits0
Rows per page
Query Builder