Lucene search
+L

22 matches found

Wolfi
Wolfi
added 2025/03/15 10:43 a.m.24 views

CVE-2023-34453 vulnerabilities

Vulnerabilities for packages: druid...

7.5CVSS7.1AI score0.01707EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 12:42 p.m.19 views

Security Bulletin: Vulnerability in snappy-java affects watsonx.data

Summary snappy-java is vulnerable to denial of service attacks, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request,...

7.5CVSS6.8AI score0.01707EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/01 12:0 a.m.63 views

Splunk Enterprise 9.0.0 < 9.0.9, 9.1.0 < 9.1.4, 9.2.0 < 9.2.1 (SVD-2024-0718)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0718 advisory. - jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted objec...

9.8CVSS7.9AI score0.10608EPSS
Exploits13References24
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:44 a.m.33 views

Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642

Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...

9.1CVSS7.6AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:44 a.m.30 views

Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642

Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...

9.1CVSS7.6AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/14 8:43 a.m.55 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2022-44729 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a victim to open...

9.8CVSS10AI score0.09254EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 2:2 p.m.34 views

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. This update addresses these CVEs. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused...

7.5CVSS7.5AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/20 4:10 p.m.75 views

Security Bulletin: Netcool Operations Insights 1.6.11 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.11 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially...

9.8CVSS9.4AI score0.99615EPSS
Exploits32Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/14 7:45 p.m.30 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID: CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is configured with both the static-resources-list...

7.5CVSS8.5AI score0.20459EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/27 2:32 p.m.75 views

Security Bulletin: There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453)

Summary There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-34455 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk...

7.5CVSS6.9AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/26 6:7 p.m.64 views

Security Bulletin: IBM Maximo Asset Management is affected by multiple vulnerabilities (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453) in snappy-java.

Summary IBM Maximo Asset Management is affected by multiple vulnerabilities CVE-2023-34455, CVE-2023-34454, CVE-2023-34453 in snappy-java. Vulnerability Details CVEID:CVE-2023-34455 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in th...

7.5CVSS7.4AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/09 10:38 a.m.25 views

Security Bulletin: Vulnerability in snappy-java affects IBM Process Mining . CVE-2023-34453

Summary There is a vulnerability in snappy-java that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION:...

7.5CVSS7AI score0.01707EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/15 1:28 p.m.33 views

Security Bulletin: Vulnerabilities in snappy-java might affect IBM Spectrum Copy Data Management

Summary IBM Spectrum Copy Data Management can be affected by vulnerabilities in snappy-java. Vulnerabilities including a remote attacker could exploit these vulnerabilities to cause a denial of service condition, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Detai...

7.5CVSS7.4AI score0.01762EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2023/09/14 9:51 a.m.39 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.5.0 release and security update

Red Hat AMQ Streams 2.5.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.3AI score0.99615EPSS
Exploits16References19
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:37 a.m.57 views

Security Bulletin: IBM Event Streams is vulnerable to denial of service attacks due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454)

Summary IBM Event Streams is affected by snappy-java vulnerabilities CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a special...

7.5CVSS7.1AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/14 8:42 a.m.44 views

Security Bulletin: Kafka nodes in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454).

Summary Kafka nodes in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to snappy-java CVE-2023-34453, CVE-2023-34455, CVE-2023-34454. The resolving fix includes Kafka 3.5.1 which includes snappy-java 1.1.10.1 Vulnerability Details CVEID:CVE-2023-34453...

7.5CVSS6.8AI score0.01762EPSS
Exploits2Affected Software2
RedhatCVE
RedhatCVE
added 2023/08/08 4:49 p.m.39 views

CVE-2023-34453

A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...

5.9CVSS6.9AI score0.01707EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 4:3 p.m.40 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to denial of service due to [CVE-2023-34453], [CVE-2023-34454], [CVE-2023-34455]

Summary Java component snappy-java is used by Kafka in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to denial of service. This bulletin provides patch informatio...

7.5CVSS6.9AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 9:0 p.m.34 views

Security Bulletin: Snappy-java is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses snappy-java which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially...

7.5CVSS6.9AI score0.01762EPSS
Exploits2Affected Software1
Chainguard
Chainguard
added 2023/06/15 5:15 p.m.14 views

CVE-2023-34453 vulnerabilities

Vulnerabilities for packages: druid...

7.5CVSS6.8AI score0.01707EPSS
Exploits1
Rows per page
Query Builder