Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/08/07 6:50 a.m.32 views

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to Bouncy Castle BC-FJA

Summary IBM Sterling Connect:Direct Web Service 6.1 and 6.2 is vulnerable to BC version 1.75 . We have upgraded to version 1.78 to fix CVE-2022-45146. Vulnerability Details CVEID:CVE-2022-45146 DESCRIPTION: The Legion of the Bouncy Castle BC-FJA could allow a remote attacker to obtain sensitive...

5.5CVSS5.6AI score0.00434EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/20 6:22 a.m.64 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 271. Vulnerability Details CVEID:CVE-2024-1023 DESCRIPTION: Eclipse Vert.x is vulnerable to a denial of service, caused by a memory leak due to the use of Netty...

6.5CVSS7AI score0.01639EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/29 10:43 a.m.40 views

Security Bulletin: Vulnerability in The Legion of the Bouncy Castle affects IBM Process Mining CVE-2022-45146

Summary There is a vulnerability in The Legion of the Bouncy Castle that could allow an remote attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

5.5CVSS5.8AI score0.00434EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2024/01/02 5:30 a.m.86 views

CVE-2022-45146

A flaw was found in the FIPS Java API of Bouncy Castle BC-FJA. Affected versions of this package are vulnerable to Improper Authentication. Changes to the JVM garbage collector in Java 13 and later can trigger an issue in the BC-FJA FIPS modules, where it is possible for temporary keys used by th...

5.5CVSS5.3AI score0.00434EPSS
Exploits1References3
Wolfi
Wolfi
added 2022/11/21 10:15 a.m.30 views

CVE-2022-45146 vulnerabilities

Vulnerabilities for packages: opensearch...

5.5CVSS5.7AI score0.00434EPSS
Exploits1
Chainguard
Chainguard
added 2022/11/21 10:15 a.m.72 views

CVE-2022-45146 vulnerabilities

Vulnerabilities for packages: elasticsearch, opensearch...

5.5CVSS6.5AI score0.00434EPSS
Exploits1
CVE
CVE
added 2022/11/21 12:0 a.m.443 views

CVE-2022-45146

CVE-2022-45146 affects the FIPS Java API in BC-FJA (Bouncy Castle) before 1.0.2.4. Changes to the JVM garbage collector in Java 13+ can cause temporary keys used by BC-FJA FIPS modules to be zeroed while still in use, leading to errors or potential information loss. Note: FIPS-certified Java vers...

5.5CVSS5.2AI score0.00434EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder