28 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-28170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they...
Security Bulletin: Vulnerability in Eclipse EE4J Jakarta Expression Language affects watsonx.data
Summary Eclipse EE4J Jakarta Expression Language is vulnerable to bypass security restrictions attacks. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2021-28170 DESCRIPTION: Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions,...
Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform 7.1.9 HF2
Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.9 are available to download from Cloudera. Vulnerability Details CVEID:CVE-2021-28170 DESCRIPTION: Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, caused by a...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8 (Important) (RHSA-2021:3468)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3468 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 7 (Important) (RHSA-2021:3467)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3467 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...
Security Bulletin: There are multiple security vulnerabilities in Apache Storm used by IBM Tivoli Netcool Manager.
Summary Apache-storm, used by IBM Tivoli Network Manager, contains many internal libraries which are vulnerable to various types of CVEs. Revealing sensitive information CVE-2021-28169, bypassing ACL validations CVE-2018-17196, heap based buffer overflow CVE-2015-5237, denial of service...
Security Bulletin: IBM Sterling Control Center is vulnerable to remote attacker security restrictions bypass due to Eclipse EE4J Jakarta Expression Language (CVE-2021-28170)
Summary Eclipse EE4J Jakarta Expression Language is used by IBM Sterling Control Center. Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, and the issue has been addressed. Vulnerability Details CVEID: CVE-2021-28170 DESCRIPTION: Eclipse EE4J...
Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 2.2.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...
ai.hyacinth.framework:core-service-admin-server (>=0.5.2 <=0.5.21), ai.hyacinth.framework:core-service-gateway-server (>=0.5.2 <=0.5.21) +3919 more potentially affected by CVE-2021-28170 via org.glassfish:javax.el (>=3.0-b01 <=3.0.1-b12)
org.glassfish:javax.el MAVEN version =3.0-b01, =0.5.2, =0.5.2, =0.5.2, =0.18.5, =2.1.7.RELEASE, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =1.0, =0.1-1, =0.1-16 and more Source cves: CVE-2021-28170 Source advisory: OSV:GHSA-V6W3-2PRQ-H95F...
ai.hyacinth.framework:core-service-admin-server (=0.5.24), ai.hyacinth.framework:core-service-gateway-server (=0.5.24) +7438 more potentially affected by CVE-2021-28170 via org.glassfish:jakarta.el (>=3.0.2 <=3.0.3)
org.glassfish:jakarta.el MAVEN version =3.0.2, =1.4.2, =1.6.6, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.2.0, =2.1.11-RC2, =2.3.1.RELEASE - at.rechnerherz:aoprofiling =1.0.0 - at.rechnerherz:aoprofiling-autoconfigure =1.0.0 - at.rechnerherz:aoprofiling-spring-boot-starter =1.0.0 and more Source cves...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 8 (Important) (RHSA-2021:3658)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3658 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 7 (Important) (RHSA-2021:3656)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3656 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.1 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 8
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.9 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: EAP XP 2 security update to CVE fixes in the EAP 7.3.x base
This advisory resolves CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP2 code base. NOTE: This advisory is informational only. There are no code changes associated with it. No action is required. Red Hat Product Securi...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 7
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 6
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.9 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...