34 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-1436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads...
Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436
Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...
Security Bulletin: Vulnerability in Jettison affects IBM watsonx.data
Summary Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker could exploit this vulnerability to cause a denial of service. This can affect...
RHEL 9 : log4j (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-net: FTP client trusts the host from PASV response by default CVE-2021-37533 - Those using...
CVE-2023-1436
creationtimestamp| type| source ---|---|--- 2024-02-08 09:11:54+00:00| seen| https://t.me/ctinow/181234 2024-02-08 09:41:24+00:00| seen| https://t.me/ctinow/181244 2024-02-08 09:41:25+00:00| seen| https://t.me/ctinow/181245 2024-02-08 09:41:26+00:00| seen| https://t.me/ctinow/181246 2024-02-08...
OESA-2023-1968 jettison security update
Jettison is a collection of Java APIs like STaX and DOM which read and write JSON. This allows nearly transparent enablement of JSON based web services in services frameworks like CXF or XML serialization frameworks like XStream. Security Fixes: An infinite recursion is triggered in Jettison when...
Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison
Summary IBM Sterling B2B Integrator uses Jettison in its EBICs client. Vulnerability Details CVEID:CVE-2023-1436 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its...
Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes bug fix, enhancement and security update
Migration Toolkit for Runtimes 1.2.3 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Oracle Identity Manager (October 2023 CPU)
The version of Oracle Identity Manager installed on the remote host is missing a security patch and is, therefore affected by multiple vulnerabilities as referenced in the October 2023 Critical Patch UpdateCPU advisory. - Vulnerability in the Oracle Identity Manager product of Oracle Fusion...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.5 security update
A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.5 security update on RHEL 9
New Red Hat Single Sign-On 7.6.5 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.5 for OpenShift image enhancement and security update
A new image is available for Red Hat Single Sign-On 7.6.5, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
RHEL 7 : Red Hat Single Sign-On 7.6.5 security update on RHEL 7 (Important) (RHSA-2023:4918)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4918 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 9 : Red Hat Single Sign-On 7.6.5 security update on RHEL 9 (Important) (RHSA-2023:4920)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4920 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.12 security update
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
RHEL 9 : Red Hat JBoss Enterprise Application Platform (RHSA-2023:4507)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4507 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Oracle WebLogic Server (July 2023 CPU)
The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the July 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...