Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 7:5 a.m.8 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Eclipse Jetty

Summary Vulnerabilities have been identified in Eclipse Jetty, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2021-28165 DESCRIPTION: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can rea...

7.8CVSS7.5AI score0.53861EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-12545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames contain...

7.5CVSS6.4AI score0.05082EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 6:13 p.m.73 views

Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common

Summary IBM Storage Protect Server uses the http2-server and http2-common components and may be vulnerable to these attacks. Vulnerability Details CVEID:CVE-2019-9511 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS6.9AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:34 p.m.37 views

Security Bulletin: IBM Process Mining is vulnerable to DOS due to Eclipse Jetty CVE-2018-12545

Summary Eclipse Jetty is used by IBM Process Mining. CVE-2018-12545 Vulnerability Details CVEID:CVE-2018-12545 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs...

7.5CVSS7.3AI score0.05082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/23 4:36 p.m.58 views

Security Bulletin: Multiple Java Vulnerabilities Affect IBM Connect:Direct Web Services

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Connect:Direct Web Services. These issues were disclosed as part of the IBM Java SDK updates in May 2019 Vulnerability Details CVE-ID: CVE-2019-10246 Description: Eclipse...

7.5CVSS8.1AI score0.09591EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/16 4:5 p.m.53 views

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Rational Service Tester

Summary Eclipse Jetty contains vulnerabilities that may allow a remote attacker to obtain sensitive information, cause execution of scripts without their knowledge and experience denial of service attacks. Vulnerability Details CVEID: CVE-2019-10241 DESCRIPTION: Eclipse Jetty is vulnerable to...

7.5CVSS1AI score0.09591EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/17 7:17 p.m.33 views

Security Bulletin: Vulnerability in Eclipse Jetty affecting Rational Functional Tester

Summary There is a vulnerability in Eclipse Jetty used by Rational Functional Tester RFT versions 9.1.1.1, 9.2.1.1 and 9.5.0.0. RFT has addressed the applicable CVE. Vulnerability Details Rational Functional Tester has addressed the following vulnerability: CVEID: CVE-2018-12545 DESCRIPTION:...

7.5CVSS0.6AI score0.05082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/16 5:10 a.m.24 views

Security Bulletin: IBM Netcool Agile Service Manager is affected by a Jetty vulnerability (CVE-2018-12545)

Summary IBM Netcool Agile Service Manager has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-12545 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending...

7.5CVSS1.1AI score0.05082EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/03 12:0 a.m.31 views

Fedora 28 : jetty (2019-d9f867cb65)

Fixes CVE-2018-12545 - denial of service security vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS6.3AI score0.05082EPSS
Exploits0References2
CVE
CVE
added 2019/03/27 7:21 p.m.127 views

CVE-2018-12545

CVE-2018-12545 : In Eclipse Jetty 9.3.x and 9.4.x, the server is vulnerable to Denial of Service when a remote client sends large or numerous SETTINGS frames, due to extra CPU and memory allocations to handle changed settings. The IBM Security Bulletin for Jazz Foundation lists this CVE among Jet...

7.5CVSS7.3AI score0.05082EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2019/03/27 7:21 p.m.30 views

CVE-2018-12545

In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations require...

7.5CVSS5.8AI score0.05082EPSS
Exploits0
Rows per page
Query Builder