8 matches found
Security Bulletin: vulerability in IBM Spectrum Symphony with okhttp component
Summary vulerability in IBM Spectrum Symphony with okhttp component Vulnerability Details CVEID:CVE-2023-0833 DESCRIPTION: A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing...
Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation
Summary Multiple vulnerabilities were addressed in IBM Rapid Infrastructure Automation v1.1.5 Vulnerability Details CVEID:CVE-2024-47875 DESCRIPTION: DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This...
Security Bulletin: IBM App Connect Enterprise toolkit is vulnerable to a local authenticated attacker due to the OKHttp component. (CVE-2023-0833).
Summary IBM App Connect Enterprise toolkit is vulnerable to a local authenticated attacker due to the OKHttp component. CVE-2023-0833. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-0833 DESCRIPTION: Red Hat AMQ-Streams could allow ...
Security Bulletin: Vulnerability of okhttp-3.9.0.jar is affecting APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent and APM Data Collector for J2SE
Summary APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent and APM Data Collector for J2SE are vulnerable to okhttp-3.9.0.jar CVE-2023-0833. The workaround includes okhttp-3.9.0.jar upgraded to okhttp-4.12.0.jar. Vulnerability Details CVEID:CVE-2023-0833...
Security Bulletin: IBM Datapower Operations Dashboard could allow a local authenticated attacker to obtain sensitive information CVE-2023-0833
Summary Red Hat AMQ-Streams is used by the IBM Datapower Operations Dashboard implementation of Kubernetes operators Vulnerability Details CVEID:CVE-2023-0833 DESCRIPTION: Red Hat AMQ-Streams could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in OKHttp...
CVE-2023-0833
CVE-2023-0833 — IBM and Red Hat sources confirm an information disclosure flaw in the OKHttp component shipped with Red Hat AMQ-Streams. An authenticated attacker could trigger an exception via a header containing an illegal value to access information beyond their permissions. The IBM security b...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update
Red Hat AMQ Streams 2.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.2.1 release and security update
Red Hat AMQ Streams 2.2.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...