Lucene search
K

31 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-41854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an...

6.5CVSS6.8AI score0.01476EPSS
Exploits1References2
cbl_mariner
cbl_mariner
added 2025/01/12 9:15 a.m.54 views

CVE-2022-41854 affecting package snakeyaml 1.25-2

CVE-2022-41854 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never applicable...

6.5CVSS8.4AI score0.01476EPSS
Exploits1
nessus
nessus
added 2024/11/14 12:0 a.m.11 views

Fedora 37 : snakeyaml (2022-c01dd659fa)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c01dd659fa advisory. Security fix for CVE-2022-41854 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

6.5CVSS6.8AI score0.01476EPSS
Exploits1References2
nessus
nessus
added 2024/07/16 12:0 a.m.28 views

RHEL 9 : log4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-net: FTP client trusts the host from PASV response by default CVE-2021-37533 - Those using...

7.5CVSS7.3AI score0.01858EPSS
Exploits4References6
nessus
nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 7 : dev-java_snakeyaml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dev-java/snakeyaml: DoS via stack overflow CVE-2022-41854 Note that Nessus has not tested for this issue but has...

6.9AI score0.01476EPSS
Exploits1References1
ibm
ibm
added 2023/12/20 8:4 p.m.40 views

Security Bulletin: Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated.

Summary Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated. These vulnerabilities were fixed in the images published on December 01, 2023 but the CVEs were not included in the bulletin. Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote...

9.8CVSS9.6AI score0.99615EPSS
Exploits12Affected Software1
redhat
redhat
added 2023/12/07 1:41 p.m.64 views

Moderate: Red Hat Security Advisory: AMQ Clients 2023.Q4

An update is now available for Red Hat AMQ Clients Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...

9.8CVSS7.1AI score0.99615EPSS
Exploits13References13
amazon
amazon
added 2023/10/03 12:0 a.m.5 views

Medium: snakeyaml

Issue Overview: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. CVE-2022-38752 Those using Snakeyaml to parse...

6.5CVSS7AI score0.02091EPSS
Exploits1
osv
osv
added 2023/08/12 11:5 a.m.5 views

OESA-2023-1503 snakeyaml security update

SnakeYAML is a YAML parser and emitter for the Java Virtual Machine. YAML is a data serialization format designed for human readability and interaction with scripting languages. Security Fixes: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS...

6.5CVSS6.6AI score0.01476EPSS
Exploits1References2
nessus
nessus
added 2023/07/06 12:0 a.m.36 views

Fedora 38 : picocli (2023-27ec59a486)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-27ec59a486 advisory. Update to version 4.7.4 Security fix for CVE-2022-41854 Tenable has extracted the preceding description block directly from the Fedora security...

6.5CVSS6.9AI score0.01476EPSS
Exploits1References2
redhat
redhat
added 2023/06/15 3:23 p.m.62 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release

Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS6.8AI score0.19653EPSS
Exploits16References18
redhat
redhat
added 2023/05/31 11:43 a.m.21 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...

7.5CVSS6.8AI score0.01476EPSS
Exploits3References4
redhat
redhat
added 2023/05/10 11:25 a.m.46 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 9

New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.02091EPSS
Exploits2References8
redhat
redhat
added 2023/05/10 11:25 a.m.84 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7

New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.02091EPSS
Exploits2References8
ibm
ibm
added 2023/04/26 3:33 p.m.79 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7.1 Vulnerability Details CVEID:CVE-2023-0767 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8CVSS10AI score0.8377EPSS
Exploits22Affected Software1
ibm
ibm
added 2023/04/21 10:26 p.m.45 views

Security Bulletin: IBM MQ Blockchain bridge is vulnerable to an issue identified in snakeyaml (CVE-2022-41854)

Summary An issue was identified with the snakeyaml package that is used by the fabric gateway package that is used by the IBM MQ Blockchain bridge package to provide Blockchain functionality in IBM MQ. Vulnerability Details CVEID:CVE-2022-41854 DESCRIPTION: snakeYAML is vulnerable to a denial of...

6.5CVSS6.5AI score0.01476EPSS
Exploits1Affected Software1
nessus
nessus
added 2023/03/30 12:0 a.m.43 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 (RHSA-2023:1514)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1514 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8AI score0.99615EPSS
Exploits11References44
redhat
redhat
added 2023/03/29 11:45 a.m.42 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.2AI score0.99615EPSS
Exploits11References33
redhat
redhat
added 2023/03/29 11:44 a.m.90 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.2AI score0.99615EPSS
Exploits11References33
redhat
redhat
added 2023/03/29 11:44 a.m.47 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.2AI score0.99615EPSS
Exploits11References33
Rows per page
Query Builder