Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-20883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service...

7.5CVSS7.4AI score0.00904EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/07 10:44 a.m.33 views

Security Bulletin: IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework

Summary IBM Sterling Control Center containerized image uses VMWare Tanzu Spring Boot and Pivotal Spring Framework. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-20883 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial...

9.8CVSS9.2AI score0.32257EPSS
Exploits4Affected Software1
NCSC
NCSC
added 2023/10/19 12:0 a.m.12 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications products. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Oracle has...

9.9CVSS7.2AI score0.99615EPSS
Exploits26
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/04 11:29 a.m.50 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.6 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.6 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the...

9.8CVSS9.4AI score0.22709EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 2:54 p.m.59 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS9.6AI score0.06031EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 8:52 p.m.45 views

Security Bulletin: VMware Tanzu Spring Boot is vulnerable to CVE-2023-20883 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Boot which is vulnerable to CVE-2023-20883. Vulnerability Details CVEID:CVE-2023-20883 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial of service, caused by a flaw when Spring MVC is used together wi...

7.5CVSS8.1AI score0.00904EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/07/18 1:50 p.m.37 views

Important: Red Hat Security Advisory: Red Hat Build of OptaPlanner 8.38.0 for Quarkus 2.13.8 security update

Red Hat Build of OptaPlanner 8.38.0 for Quarkus 2.13.8 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scori...

7.5CVSS7.1AI score0.00904EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 9:2 p.m.32 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in VMware Tanzu Spring Boot

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of VMware Tanzu Spring Boot. Vulnerability Details CVEID:CVE-2023-20873 DESCRIPTION: VMware Tanzu Spring Boot could allow a remote attacker to bypass security restrictions, caused by a flaw with wildca...

9.8CVSS8.4AI score0.01122EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/21 2:32 p.m.55 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release security update

Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.7AI score0.00919EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/06/15 3:23 p.m.62 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release

Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS6.8AI score0.19653EPSS
Exploits16References18
vulnersOsv
vulnersOsv
added 2023/05/26 6:30 p.m.13 views

ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=0.9.38 <=0.9.39), ai.timefold.solver:timefold-solver-spring-boot-starter (>=0.9.38 <=0.9.39) +3808 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=3.0.0 <=3.0.6)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =3.0.0, =0.9.38, =0.9.38, =2.0.0, =3.0.0, =2.9.9, =0.25.3, =0.1.43, =0.1.65 - cc.vihackerframework:vihacker-annotation =1.0.8.R - cc.vihackerframework:vihacker-auth-starter =1.0.8.R - cc.vihackerframework:vihacker-common-starter...

7.5CVSS7.1AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/26 6:30 p.m.4 views

ai.ylyue:yue-library-base (=j11.2.6.2), ai.ylyue:yue-library-data-es (=j11.2.6.2) +3480 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=2.6.0 <=2.6.14)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =2.6.0, =2.2.53, =0.23.9, =0.1.2, =5.7.0, =5.7.7, =5.7.0, =6.4.7 and more Source cves: CVE-2023-20883 Source advisory: OSV:GHSA-XF96-W227-R7C4...

7.5CVSS7.1AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/26 6:30 p.m.7 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.djl.spring:djl-spring-boot-starter-autoconfigure (>=0.2 <=0.11) +26968 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=1.0.0.RELEASE <=2.5.14)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =1.0.0.RELEASE, =4.4.0.0, =0.2, =0.2, =0.2, =0.2, =0.2, =0.2, =0.5, =0.0.12, =0.1.8, =0.1.6, =0.1.2, =0.0.6, =0.0.11, =0.0.51 and more Source cves: CVE-2023-20883 Source advisory: OSV:GHSA-XF96-W227-R7C4...

7.5CVSS7.1AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/26 6:30 p.m.8 views

ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=0.8.38 <=0.8.39), ai.timefold.solver:timefold-solver-spring-boot-starter (>=0.8.38 <=0.8.39) +4744 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=2.7.0 <=2.7.11)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =2.7.0, =0.8.38, =0.8.38, =v0.16.1, =v0.16.1, =v0.16.1, =1.0.0, =5.3.1, =2.2.94, =0.23.48, =0.1.13, =1.9, =1.10 - ca.uhn.hapi.fhir:hapi-fhir-spring-boot-autoconfigure =6.6.0 -...

7.5CVSS7.1AI score0.00904EPSS
Exploits0
NVD
NVD
added 2023/05/26 5:15 p.m.33 views

CVE-2023-20883

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service DoS attack if Spring MVC is used together with a reverse proxy cache...

7.5CVSS8.5AI score0.00904EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/26 12:0 a.m.15 views

CVE-2023-20883

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service DoS attack if Spring MVC is used together with a reverse proxy cache...

6.8AI score0.00904EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/26 12:0 a.m.43 views

CVE-2023-20883

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service DoS attack if Spring MVC is used together with a reverse proxy cache...

7.8AI score0.00904EPSS
Exploits0References2
CVE
CVE
added 2023/05/26 12:0 a.m.296 views

CVE-2023-20883

CVE-2023-20883 : DoS potential in Spring Boot / Spring MVC when used with a reverse proxy cache. Affects Spring Boot versions 3.0.0–3.0.6; 2.7.0–2.7.11; 2.6.0–2.6.14; 2.5.0–2.5.14 and older unsupported releases. IBM security bulletin corroborates this and lists a remediation: upgrade IBM Library ...

7.5CVSS7.4AI score0.00904EPSS
Exploits0References2Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2023/05/23 12:0 a.m.114 views

This Week in Spring - May 23rd, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's May 23rd and, famously, nothing major has happened in the last week OH WAIT WE RELEASED SPRING BOOT 3.1! Have you checked it out yet? It's dope. I did a Spring Tips installment looking at some of its features here that y...

5CVSS6.7AI score0.00904EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/05/22 12:0 a.m.20 views

VMware Spring Boot < 2.5.15, 2.6.x < 2.6.15, 2.7.x < 2.7.12, 3.0.x < 3.0.7 DoS Vulnerability

VMware Spring Boot is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS8.4AI score0.00904EPSS
Exploits0References4
Rows per page
Query Builder