Lucene search
+L

23 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/07/30 4:48 p.m.44 views

Security Bulletin: IBM Common Licensing's Administration And Reporting Tool (ART) and IBM LKS Administration Agent are affected by Spring Framework vulnerabilities.

Summary Multiple vulnerabilites in Spring Framework affect IBM Common Licensing. Security Vulnerablities have been addressed in IBM Common Licensing. Remediations/Fixes section address remediation actions. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is...

9.8CVSS7.4AI score0.03425EPSS
Exploits4Affected Software1
NCSC
NCSC
added 2023/10/19 12:0 a.m.13 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications products. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Oracle has...

9.9CVSS7.2AI score0.99615EPSS
Exploits26
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/05 8:36 p.m.54 views

Security Bulletin: IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation

Summary IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially crafted SpEL expression,...

6.5CVSS7.1AI score0.01122EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/18 9:24 p.m.52 views

Security Bulletin: Mutiple Vulnerabilties Affecting IBM Watson Machine Learning Accelerator

Summary IBM Watson Machine Learning Accelerator 1.2.x is vulnerable to several vulnerabilities coming from dependent compoents. These are addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input...

7.5CVSS7.8AI score0.01122EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 8:30 p.m.45 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to CVE-2023-20861 and CVE-2023-20863 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Framework which is vulnerable to CVE-2023-20861 and CVE-2023-20863. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially...

6.5CVSS7.1AI score0.01122EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/20 4:39 p.m.44 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerabilitiy [CVE-2023-20863]

Summary Potential VMware Tanzu Spring Framework denial of service vulnerabilitiy have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. CVE-2023-20863 Vulnerability Details...

6.5CVSS6.7AI score0.01122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/20 4:33 p.m.39 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Framework (CVE-2023-20863)

Summary A vulnerability in VMware Tanzu Spring Framework used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially...

6.5CVSS6.5AI score0.01122EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/19 12:0 a.m.61 views

Oracle Primavera Gateway (Jul 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Commons Net. Supported versions that...

7.5CVSS6.5AI score0.01858EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/12 9:32 p.m.35 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in VMware Tanzu Spring Framework (CVE-2023-20863)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in VMware Tanzu Spring Boot, caused by improper input validation CVE-2023-20863. VMware Tanzu Spring Framework is used as part of our Speech Service microservices. This...

6.5CVSS6.4AI score0.01122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 11:11 a.m.44 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining . CVE-2023-20863

Summary There is a vulnerability in Spring Framework that could allow a remote authenticated attacker to execute a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

6.5CVSS7AI score0.01122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 3:11 p.m.33 views

Security Bulletin: Multiple vulnerabilities in VMware Tanzu Spring Framework affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary Multiple vulnerabilities exist in VMware Tanzu Spring Framework, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION...

6.5CVSS7.3AI score0.01122EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 2:28 p.m.34 views

Security Bulletin: Vulnerability in spring-expressions may affect IBM Business Automation Workflow - CVE-2023-20863

Summary IBM Business Automation Workflow packages a vulnerable copy of spring-expressions in BPM/Lombardi/lib. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially...

6.5CVSS6.5AI score0.01122EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:23 p.m.62 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7.2 Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted SpEL...

8.1CVSS8.7AI score0.02416EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:29 a.m.38 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2023-20863).

Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager CVE-2023-20863. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improp...

6.5CVSS7AI score0.01122EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.52 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 1 security update

A patch is now available for Camel for Spring Boot 3.18.3. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score,...

7.5CVSS6.6AI score0.01122EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/04/14 12:0 a.m.27 views

VMware Spring Framework < 5.2.24, 5.3.x < 5.3.27, 6.0.x < 6.0.8 DoS Vulnerability - Linux

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.9AI score0.01122EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/04/13 9:30 p.m.11 views

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-application (>=1.1.0 <=1.2.0) +20175 more potentially affected by CVE-2023-20863 via org.springframework:spring-expression (>=5.3.0 <=5.3.26)

org.springframework:spring-expression MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2023-20863 Source advisory: OSV:GHSA-WXQC-PXW9-G2P8...

6.5CVSS6.8AI score0.01122EPSS
Exploits0
NVD
NVD
added 2023/04/13 8:15 p.m.41 views

CVE-2023-20863

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service DoS condition...

6.5CVSS6.8AI score0.01122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/13 12:0 a.m.18 views

CVE-2023-20863

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service DoS condition...

6.6AI score0.01122EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/13 12:0 a.m.35 views

CVE-2023-20863

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service DoS condition...

6.7AI score0.01122EPSS
Exploits0References2
Rows per page
Query Builder