Lucene search
K

16 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:3 p.m.38 views

Security Bulletin: A security vulnerability has been identified in Apache CXF, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2017-12624).

Summary Apache CXF is shipped with IBM Tivoli Network Manager IP Edition 4.2. Information about a security vulnerability affecting Apache CXF has been published here. Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially...

5.5CVSS5.7AI score0.03697EPSS
Exploits3Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/13 1:9 a.m.4 views

com.github.arucard21.simplyrestful:simplyrestful-jetty (=0.5), com.github.arucard21.simplyrestful:simplyrestful-spring-boot (=0.2) +216 more potentially affected by CVE-2017-12624 via org.apache.cxf:cxf-core (=3.2.0)

org.apache.cxf:cxf-core MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-core and may be impacted: - com.github.arucard21.simplyrestful:simplyrestful-jetty =0.5 -...

5.5CVSS6.4AI score0.03697EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2022/05/13 1:9 a.m.5 views

ai.idylnlp:idylnlp-nlp-language-detection-tika (>=1.0.0 <=1.1.0), com.alibaba:dubbo (>=2.5.4 <=2.6.0) +427 more potentially affected by CVE-2017-12624 via org.apache.cxf:cxf-core (>=3.0.0-milestone1 <=3.0.15)

org.apache.cxf:cxf-core MAVEN version =3.0.0-milestone1, =1.0.0, =2.5.4, =2.6.1, =5.4.2, =5.3.0, =0.0.1, =3.0.1, =3.1.2, =0.0.1, =0.6, =0.8 and more Source cves: CVE-2017-12624 Source advisory: OSV:GHSA-7VGJ-8MW4-HG8R...

5.5CVSS6.3AI score0.03697EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:27 p.m.30 views

Security Bulletin: IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by a vulnerability in Apache CXF (CVE-2017-12624)

Summary A vulnerability in Apache CXF was disclosed which affects IBM Spectrum Control formerly IBM Tivoli Storage Productivity Center. There is a potential denial of service in Apache CXF that is used by WebSphere Application Server, which has addressed the applicable CVE. Vulnerability Details...

5.5CVSS5.8AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/09 2:29 p.m.42 views

Security Bulletin: IBM Security Guardium is affected by an "Apache CXF" jar vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could exploit this vulnerability to cause the AX-WS and...

8.1CVSS0.6AI score0.10348EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/26 7:30 a.m.27 views

Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2017-12624)

Summary There is a potential denial of service in Apache CXF that is used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could...

5.5CVSS1.5AI score0.03697EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.59 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 (RHSA-2018:2424)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2424 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

8.1CVSS7.1AI score0.10348EPSS
Exploits3References15
RedHat Linux
RedHat Linux
added 2018/08/15 11:31 a.m.88 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

8.1CVSS6.9AI score0.10348EPSS
Exploits3References9
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:42 a.m.42 views

Security Bulletin: Open Source Apache CXF Vulnerabilities affects IBM Spectrum LSF Explorer

Summary Open Source Apache CXF Vulnerabilities affects IBM Spectrum LSF Explorer. Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could exploit this vulnerability to...

5.5CVSS0.7AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:51 p.m.33 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by a potential denial of service used by IBM WebSphere Application Server vulnerability (CVE-2017-12624)

Summary IBM Tivoli Netcool Impact has addressed the following vulnerability. There is a potential denial of service in Apache CXF that is used by IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a...

5.5CVSS1.2AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:13 p.m.33 views

Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2017-12624)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Denial ...

5.5CVSS6.1AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.20 views

Security Bulletin: Information Disclosure in IBM HTTP Server and Denial of Service in Apache CXF used by IBM WebSphere Application Server for IBM Cloud (CVE-2017-12613, CVE-2017-12624)

Summary There is a potential information disclosure in IBM HTTP Server used by WebSphere Application Server. There is a potential denial of service in Apache CXF that is used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2017-12613 DESCRIPTION: Apache Portable Runtime APR coul...

7.1CVSS0.8AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.27 views

Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud (CVE-2017-12624)

Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. Vulnerability...

5.5CVSS6.1AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.27 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2017-12624)

Summary IBM WebSphere Application Server is shipped as components of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the following Security Bulletin: Security Bulletin:...

5.5CVSS2.7AI score0.03697EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.33 views

Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server (CVE-2017-12624)

Summary There is a potential denial of service in Apache CXF that is used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could...

5.5CVSS1.2AI score0.03697EPSS
Exploits3Affected Software1
CVE
CVE
added 2017/11/14 4:0 p.m.138 views

CVE-2017-12624

CVE-2017-12624 affects Apache CXF JAX-WS/JAX-RS attachments. A crafted message attachment header can cause Denial of Service on CXF web services. From CXF 3.2.1 and 3.1.14, headers longer than 300 characters are rejected by default; this threshold is configurable via attachment-max-header-size.

5.5CVSS5.4AI score0.03697EPSS
Exploits3References13Affected Software1
Rows per page
Query Builder