9 matches found
CVE-2023-31582 vulnerabilities
Vulnerabilities for packages: hadoop-fips...
Security Updates for Azure CycleCloud (July 2024)
The Azure CycleCloud product is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. The attacker who successfully exploited this vulnerability could elevate privileges to the SuperUser role in the affected Azure CycleCloud instance. To exploit this...
SUSE SLES15: cobbler / grafana-formula / inter-server-sync / jose4j / etc (SUSE-SU-2024:0485-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0485-1 advisory. cobbler: - Build the appendline correctly for RHEL-family = 8 - Do not strip if SUSE Linux Enterprise 15 SP3 - Build at least with with Go = 1....
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.6.0 release and security update
Red Hat AMQ Streams 2.6.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2023-31582
A flaw was found in Jose4J which allows a malicious user or internal person to erroneously set a low iteration count of 1000 or less to secure the Json Web Token. This could apply to lack of entropy and leave the system less secure. Mitigation No mitigation is currently available for this flaw...
CVE-2023-31582
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less...
CVE-2023-31582
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less...
CVE-2023-31582
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less...
CVE-2023-31582
CVE-2023-31582 is covered by a connected document that provides concrete technical details. TheJose4J library (affected component) versions before 0.9.3 are vulnerable to setting a very low iteration count (1000 or less) in cryptographic operations. The linked IBM/ADX bulletin notes the vulnerabi...