9 matches found
Security Bulletin: IBM Sterling B2B Integrator B2B API vulnerable to multiple issues due to Apache CXF
Summary IBM Sterling B2B Integrator uses Apache CXF. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.0 release and security update
Red Hat JBoss Web Server 5.7.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...
Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2021-30468
Summary IBM TRIRIGA Application Platform discloses CVE-2021-30468 Vulnerability Details CVEID:CVE-2021-30468 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by an infinite loop flaw in the JsonMapObjectReaderWriter function. By sending a specially-crafted JSON to a web servic...
Security Bulletin: Tivoli Network Manager IP Edition is vulnerable to a denial of service vulnerability (CVE-2021-30468)
Summary Apache CXF is used by Tivoli Network Manager IP Edition ITNM. A denial of service vulnerability CVE-2021-30468 has been addressed by updating to Version 4.2.0.x Vulnerability Details CVEID: CVE-2021-30468 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by an infinite...
com.treelogic-swe:aws-mock (=1.0), com.treelogic-swe:cxf-stub (=ec2-2013-02-01) potentially affected by CVE-2021-30468 via org.apache.cxf:apache-cxf (=2.7.5)
org.apache.cxf:apache-cxf MAVEN version =2.7.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:apache-cxf and may be impacted: - com.treelogic-swe:aws-mock =1.0 - com.treelogic-swe:cxf-stub =ec2-2013-02-01 Source cves: CVE-2021-30468...
Security Bulletin: Apache CXF as used by IBM QRadar SIEM is vulnerable to denial of service (DOS) (CVE-2021-30468)
Summary Apache CXF as used by IBM QRadar SIEM is vulnerable to denial of service Vulnerability Details CVEID: CVE-2021-30468 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by an infinite loop flaw in the JsonMapObjectReaderWriter function. By sending a specially-crafted JSON...
Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2021-30468)
Summary This security bulletin addresses the vulnerability in Open Source Apache CXF that affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2021-30468 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by an infinite loop flaw in the...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.4 release and security update
A minor version update from 1.3 to 1.4 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...
CVE-2021-30468
CVE-2021-30468 is a denial-of-service issue in Apache CXF caused by an infinite loop in the JsonMapObjectReaderWriter. Connected IBM advisories confirm the vulnerability affects CXF usage in IBM products (e.g., Tivoli Network Manager IP Edition and IBM Security Guardium) and list the affected CXF...