Lucene search
K

32 matches found

vulnersOsv
vulnersOsv
added 2025/01/15 6:56 p.m.9 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=0.8.41), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=0.8.41) +1863 more potentially affected by CVE-2023-0482 via org.jboss.resteasy:resteasy-core (>=4.0.0.Beta6 <=4.7.7.Final)

org.jboss.resteasy:resteasy-core MAVEN version =4.0.0.Beta6, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =2.0.0, =0.1.5, =0.1.5, =1.0.0-alpha1, =0.0.1, =1.8.0, =0.5.8, =0.5.9 and more Source cves: CVE-2023-0482 Source advisory: OSV:GHSA-2C6G-PFX3-W7H8htt...

5.5CVSS6.6AI score0.00819EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/01/15 6:56 p.m.7 views

com.planonsoftware.app:com.planonsoftware.app.gradle.plugin (=0.0.1), com.planonsoftware:gradle.development.environment.plugin (=0.0.1) +28 more potentially affected by CVE-2023-0482 via org.jboss.resteasy:resteasy-multipart-provider (>=5.0.0.Alpha1 <=5.0.5.Final)

org.jboss.resteasy:resteasy-multipart-provider MAVEN version =5.0.0.Alpha1, =0.15.3, =0.15.3, =0.15.3, =0.15.3, =0.27.1, =0.27.1, =9.5.7, =3.5.0, =0.7.6, =0.7.6, =0.7.6, =0.7.2, =4.1.5, =4.7.2 and more Source cves: CVE-2023-0482 Source advisory: OSV:GHSA-2C6G-PFX3-W7H8...

5.5CVSS6.7AI score0.00819EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/01/15 6:56 p.m.17 views

Insecure Temporary File in RESTEasy

Impact In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. Patches Fixed in the following pull requests:...

5.5CVSS6.8AI score0.00819EPSS
Exploits0References15Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/01 6:49 a.m.16 views

Security Bulletin: IBM SPSS Analytic Server is vulnerable to a privilege escalation due to RESTEasy (CVE-2023-0482)

Summary IBM SPSS Analytic Server is vulnerable to a privilege escalation due to RESTEasy CVE-2023-0482 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM SPSS Analytic Server| 3.5...

5.5CVSS8.7AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/15 3:40 p.m.38 views

Security Bulletin: Several Security Vulnerabilities were discovered in IBM Security Directory Suite. (CVE-2023-24998, CVE-2023-28867, CVE-2023-0482)

Summary Several vulnerabilities were addressed in WebSphere Application Server Liberty components shipped with the IBM Security Directory Suite Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit t...

7.5CVSS7.8AI score0.46836EPSS
Exploits1Affected Software1
Amazon
Amazon
added 2024/01/09 12:0 a.m.4 views

Medium: resteasy-base

Issue Overview: A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's paramete...

5.5CVSS6.5AI score0.01439EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.42 views

Amazon Linux 2 : resteasy-base (ALAS-2024-2398)

The version of resteasy-base installed on the remote host is prior to 3.0.6-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2398 advisory. A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are...

5.5CVSS6.6AI score0.01439EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/03 4:21 p.m.26 views

Security Bulletin: Vulnerability in WebSphere Liberty affect Cloud Pak System [CVE-2023-0482]

Summary Vulnerability in WebSphere Liberty affect Cloud Pak System CVE-2023-0482. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy could allow a local authenticated attacker to gain elevated privileges on the system, caused by the creation of insecure temp files in the...

5.5CVSS5.6AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/06 7:58 a.m.65 views

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesse related to IBM WebSphere Application Server Liberty

Summary Vulnerability in IBM WebSphere Application Server Liberty such as denial of service, gaining elevated privileges may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer...

7.5CVSS6.9AI score0.01051EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/30 4:29 a.m.54 views

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to privilege escalation due to IBM WebSphere Application Server Liberty (CVE-2023-0482)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

5.5CVSS5.7AI score0.00819EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/09/14 9:51 a.m.36 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.5.0 release and security update

Red Hat AMQ Streams 2.5.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.3AI score0.99615EPSS
Exploits13References19
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/18 4:17 p.m.42 views

Security Bulletin: RESTEasy component is vulnerable to CVE-2023-0482 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses RESTEasypackage which is vulnerable to CVE-2023-0482. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy could allow a local authenticated attacker to gain elevated privileges on the system, caused by the creation of insecure temp files in th...

5.5CVSS5.7AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 6:35 a.m.35 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because RESTEasy could allow a local authenticated attacker to gain elevated privileges on the system, caused by the creation of insecure temp files in the File. (CVE-2023-0482)

Summary IBM PowerVM Novalink is vulnerable because RESTEasy could allow a local authenticated attacker to gain elevated privileges on the system, caused by the creation of insecure temp files in the File.createTempFile used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes. By...

5.5CVSS5.8AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 3:29 p.m.61 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a privilege escalation due to RESTEasy (CVE-2023-0482)

Summary IBM Spectrum Protect for Workstations Central Administration Console requires the dependent product IBM WebSphere Application Server Liberty. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Refer to t...

5.5CVSS5.5AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 6:4 p.m.25 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to RESTEasy privileges elevation vulnerability( CVE-2023-0482)

Summary Potential RESTEasy privileges elevation vulnerability CVE-2023-0482 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy could allow a local...

5.5CVSS5.6AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/05 7:7 p.m.26 views

Security Bulletin: IBM Match 360 is vulnerable to a privilege escalation due to RESTEasy within IBM WebSphere Application Server Liberty (CVE-2023-0482)

Summary There is a vulnerability in the RESTEasy library used by IBM WebSphere Application Server Liberty when the feature restfulWS-3.0 or restfulWS-3.1 is enabled. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy could allow a...

5.5CVSS5.7AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 6:22 p.m.44 views

Security Bulletin: IBM Storage Protect Operations Center is vulnerable to a privilege escalation due to IBM WebSphere Application Server Liberty (CVE-2023-0482)

Summary IBM WebSphere Application Server Liberty is vulnerable to a privilege escalation due to RESTEasy. IBM Storage Protect Operations Center uses IBM WebSphere Application Server Liberty and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy...

5.5CVSS5.9AI score0.00819EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/10 11:25 a.m.45 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 9

New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.02091EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2023/05/10 11:25 a.m.84 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7

New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.02091EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 5:55 p.m.13 views

Security Bulletin: CVE-2023-0482 may affect IBM TXSeries for Multiplatforms

Summary CVE-2023-0482 may affect IBM WebSphere Application Server Liberty used by IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the applicable CVEs. Updated Liberty is provided as a special fix and the fix is uploaded to Fix Central. Vulnerability Details...

5.5CVSS5.7AI score0.00819EPSS
Exploits0Affected Software1
Rows per page
Query Builder