Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:50 p.m.8 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-boot-2.7.12.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-boot-2.7.12.jar Vulnerability Details CVEID:CVE-2023-34055 DESCRIPTION: In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that...

6.5CVSS6.7AI score0.01219EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/23 10:45 p.m.98 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9.3CVSS6.6AI score0.8581EPSS
Exploits9References16
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 2:49 p.m.29 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Boot arbitrary denial of service vulnerability ( CVE-2023-34055)

Summary Potential VMware Tanzu Spring Boot arbitrary denial of service vulnerability CVE-2023-34055 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...

6.5CVSS6.4AI score0.01219EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/11/30 12:0 a.m.25 views

VMware Spring Boot 2.7.0 - 2.7.17, 3.0.0 - 3.0.12, 3.1.0 - 3.1.5 DoS Vulnerability

VMware Spring Boot is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7AI score0.01219EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/11/28 9:30 a.m.5 views

be.vlaanderen.informatievlaanderen.ldes.ldio:ldio-application (=2.12.0), be.vlaanderen.informatievlaanderen.vsds:ldes-fragmentisers (>=1.1.0 <=3.4.0) +1476 more potentially affected by CVE-2023-34055 via org.springframework.boot:spring-boot-actuator (>=3.1.0 <=3.1.5)

org.springframework.boot:spring-boot-actuator MAVEN version =3.1.0, =1.1.0, =2.3.0, =1.1.0, =1.1.0, =2.10.0, =1.1.0, =1.1.0, =2.3.0, =1.1.0, =1.1.0, =1.1.0, =2.3.0, =3.6.0, =3.6.1 - be.vlaanderen.informatievlaanderen...

6.5CVSS6.8AI score0.01219EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/11/28 9:30 a.m.4 views

am.ik.access-logger:access-logger (>=0.1.0 <=0.1.2), cn.herodotus.engine:event-core (=3.0.1.0) +618 more potentially affected by CVE-2023-34055 via org.springframework.boot:spring-boot-actuator (>=3.0.0 <=3.0.12)

org.springframework.boot:spring-boot-actuator MAVEN version =3.0.0, =0.1.0, =0.1.2 - cn.herodotus.engine:event-core =3.0.1.0 - cn.herodotus.engine:event-message-spring-boot-starter =3.0.1.0 - cn.herodotus.engine:event-pay-spring-boot-starter =3.0.1.0 -...

6.5CVSS6.9AI score0.01219EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/11/28 12:0 a.m.38 views

This Week in Spring - 28 November, 2023

Hi, Spring fans! I hope everyone who celebrated Thanksgiving had a wonderful time. Did you indulge in too much turkey? Anyway, let's jump into this week's edition of This Week in Spring—a particularly special one for a couple of reasons. First, it's our first issue after the launch of Spring Boot...

5CVSS5.1AI score0.01219EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/11/27 12:0 a.m.246 views

CVE-2023-34053, CVE-2023-34055: Spring Framework and Spring Boot vulnerabilities

Updates 11-27 Blog posts updated to refer to the CVE reports published The Spring Framework 6.0.14 release shipped on November 16th includes a fix for CVE-2023-34053. The Spring Boot 2.7.18 release shipped on November 23th includes fixes for CVE-2023-34055. Users are encouraged to update as soon ...

5CVSS7.2AI score0.01219EPSS
Exploits0
Rows per page
Query Builder