39 matches found
Security Bulletin: Multiple Vulnerabilities in IBM StreamSets Data Collector
Summary Multiple vulnerabilities were addressed in IBM StreamSets Data Collector version 6.4.0. Vulnerability Details CVEID:CVE-2015-5262 DESCRIPTION: http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setti...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in Apache HttpClient
Summary Apache HttpClient used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2011-1498, CVE-2012-5783, CVE-2012-6153, CVE-2014-3577,CVE-2015-5262 Vulnerability Details CVEID:CVE-2011-1498 DESCRIPTION: Apache HttpComponents could allow a remote attacker to obtain...
Security Bulletin: Multiple vulnerabilities found with third-party libraries used by IBM® MobileFirst Platform
Summary There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular expression denial of servi...
SUSE CVE-2015-5262
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...
Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack
Summary Apache Commons HttpClient 3.x and few others used do not verify the server hostname in the subject Common Name CN and allows Man-In-The-Middle MITM attack Vulnerability Details CVEID:CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service FPS...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Portal shipped with IBM Intelligent Operations Center and related products (CVE-2015-5262)
Summary IBM WebSphere Portal is shipped as a component of IBM Intelligent Operations Center. Information about security vulnerabilities affecting IBM WebSphere Portal has been published in a security bulletin. Vulnerability Details Consult the security bulletin: Fixes available for Security...
Security Bulletin: Vulnerabilities in WebSphere Application Server affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Summary WebSphere Application Server is shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerabilities have been identified in WebSphere Application Server and the information about their fixes are published in security bulletins. Vulnerability Details Refer to the...
Security Bulletin: Security vulnerabilities have been fixed in IBM Security Identity Manager Virtual Appliance
Summary IBM Security Identity Manager Virtual Appliance ISIM VA has addressed the following vulnerabilities in Apache HttpComponents and HttpCommons that affect WebSphere Application Server Vulnerability Details CVEID: CVE-2015-5262 DESCRIPTION: Apache Commons is vulnerable to a denial of service...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager versions 4.2.0, 4.1.1 and 3.9. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...
Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server which is shipped with IBM Tivoli Netcool Configuration Manager (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary Embedded IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...
Security Bulletin: Multiple Vulnerabilities in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server, which is shipped as part of IBM Cloud Pak for Applications (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary Multiple vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...
Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...
Security Bulletin: Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2015-5262, CVE-2014-3577, CVE-2012-6153, CVE-2011-1498)
Summary IBM WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server
Summary There are multiple vulnerabilities in Apache HttpComponents and HttpCommons libraries which affect WebSphere Application Server. This has been addressed. Vulnerability Details CVEID: CVE-2015-5262 DESCRIPTION: Apache Commons is vulnerable to a denial of service, caused by the failure to...
SUSE: Security Advisory (SUSE-SU-2020:3149-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : apache-commons-httpclient (openSUSE-2020-1875)
This update for apache-commons-httpclient fixes the following issues : - http/conn/ssl/SSLConnectionSocketFactory.java ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...
Security update for apache-commons-httpclient (important)
openSUSE Security Update: Security update for apache-commons-httpclient Announcement ID: openSUSE-SU-2020:1873-1 Rating: important References: 1178171 945190 Cross-References: CVE-2014-3577 CVE-2015-5262 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now...