Lucene search
+L

5 matches found

RedHat Linux
RedHat Linux
added 2023/12/06 10:7 p.m.45 views

Moderate: Red Hat Security Advisory: Red Hat build of Cryostat 2.4.0: new RHEL 8 container images

New Red Hat build of Cryostat 2.4.0 on RHEL 8 container images are now available New Red Hat build of Cryostat 2.4.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Users of the Red Hat build of Cryostat 2.3.1 on RHEL 8 container images are advised to...

6.5CVSS6.6AI score0.02459EPSS
Exploits2References9
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/06 5:51 p.m.44 views

Security Bulletin: Eclipse Vert.x-Web component is vulnerable to CVE-2023-24815 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Eclipse Vert.x-Web package which is vulnerable to CVE-2023-24815. Vulnerability Details CVEID:CVE-2023-24815 DESCRIPTION: Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. ...

5.3CVSS5AI score0.00919EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/21 2:32 p.m.55 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release security update

Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.7AI score0.00919EPSS
Exploits1References4
CVE
CVE
added 2023/02/09 5:36 p.m.130 views

CVE-2023-24815

CVE-2023-24815 affects Eclipse Vert.x-Web, specifically the StaticHandler behavior when serving files on Windows with a wildcard mount point. The vulnerability arises in Utils.java when computing the relative path to a resource: for wildcards it returns the user input (e.g., rest) as the path seg...

5.3CVSS5.3AI score0.00919EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/09 5:36 p.m.8 views

CVE-2023-24815 Disclosure of classpath resources on Windows when mounted on a wildcard route in vertx-web

Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web applications that serve files using StaticHandler on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard then an attacker can exfiltrate a...

4.8CVSS5.4AI score0.00919EPSS
Exploits1References3
Rows per page
Query Builder