13 matches found
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.6.0 release and security update
Red Hat AMQ Streams 2.6.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.2 release and security update
Red Hat Integration Camel for Spring Boot 3.20.2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3.2 release and security update
Red Hat Integration Camel for Spring Boot 3.18.3.2 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having an impact of Important. A Common...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restriction bypass in VMware Tanzu Spring Boot (CVE-2023-20873)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restriction bypass in VMware Tanzu Spring Boot, caused by a flaw with wildcard pattern matching when deployed on Cloud Foundry CVE-2023-20873. VMware Tanzu Spring Boot is used as part of our Speech...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in VMware Tanzu Spring Boot
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of VMware Tanzu Spring Boot. Vulnerability Details CVEID:CVE-2023-20873 DESCRIPTION: VMware Tanzu Spring Boot could allow a remote attacker to bypass security restrictions, caused by a flaw with wildca...
VMware Spring Boot < 2.7.11, 3.0.x < 3.0.6 Security Bypass Vulnerability
VMware Spring Boot is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:springboot...
CVE-2023-20873
creationtimestamp| type| source ---|---|--- 2023-04-21 00:30:56+00:00| seen| https://t.me/cibsecurity/62553 2025-07-07 04:08:35+00:00| seen| https://gist.github.com/sunnysaurav83/55ee274bac86ce598c5a7a9a3fabfa4f...
ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.2 <=0.2.0), ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24) +5083 more potentially affected by CVE-2023-20873 via org.springframework.boot:spring-boot-actuator-autoconfigure (>=2.0.0.RELEASE <=2.5.14)
org.springframework.boot:spring-boot-actuator-autoconfigure MAVEN version =2.0.0.RELEASE, =0.1.2, =0.5.0, =0.5.21, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.24 and more Source cves: CVE-2023-20873 Source advisory: OSV:GHSA-G5H3-W5...
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users...
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users...
CVE-2023-20873
CVE-2023-20873 affects VMware Tanzu Spring Boot deployed in Cloud Foundry, enabling a security bypass due to a wildcard pattern matching flaw in Spring Boot’s access controls. Public references in the CVE describe impact on VMware Tanzu Spring Boot and related IBM deployments, with remediation th...
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users...
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users...