Lucene search
K

27 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 5:8 a.m.5 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to okio-2.8.0.jar

Summary IBM webMethods BPM uses okio-2.8.0.jar for I/O operations to make reading and writing data faster and safer than Java's inbuilt APIs. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer...

7.5CVSS6.5AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:47 p.m.7 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in okio-2.8.0.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of okio-2.8.0.jar Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client...

7.5CVSS6.7AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.31 views

Security Bulletin: IBM Maximo Application Suite uses jsonata-1.8.6 which is vulnerable to CVE-2024-27307, CVE-2022-34169, CVE-2023-20861, CVE-2023-3635, CVE-2018-10237, CVE-2023-33201, CVE-2023-33202, CVE-2023-45288, CVE-2023-20863

Summary IBM Maximo Application Suite uses jsonata-1.8.6 which is vulnerable to CVE-2024-27307, CVE-2022-34169, CVE-2023-20861, CVE-2023-3635, CVE-2018-10237, CVE-2023-33201, CVE-2023-33202, CVE-2023-45288, CVE-2023-20863. This bulletin contains information regarding the vulnerability and its...

9.8CVSS9.1AI score0.91969EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:5 p.m.20 views

Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:0 p.m.21 views

Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/05 9:48 p.m.11 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Okio GzipSource denial of service vulnerability [ CVE-2023-3635]

Summary Potential Okio GzipSource denial of service vulnerability CVE-2023-3635 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3635...

7.5CVSS6.6AI score0.01077EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/28 11:19 a.m.101 views

Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release

JBoss EAP XP 4.0.2.GA security release on the EAP 7.4.14 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.7AI score0.0326EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/26 9:21 a.m.19 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses the source GzipSource and this does not handle an exception that might be raised when parsing a malformed gzip buffer. CVE-2023-3635

Summary IBM Maximo Application Suite - Visual Inspection Component uses the GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/27 1:26 p.m.54 views

Security Bulletin: Vulnerability of okio-1.13.0.jar is affecting APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE

Summary APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE are vulnerable to okio-1.13.0.jar CVE-2023-3635. The workaround includes okio-1.13.0.jar upgraded to okio-3.5.0.jar . Vulnerability Details...

7.5CVSS6.5AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/13 2:28 p.m.19 views

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to denial of service CVE-2023-3635

Summary Okio GzipSource is used by the IBM Datapower Operations Dashboard in its IO infrastructure. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffer, a remote...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 4:12 p.m.25 views

Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)

Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:29 p.m.35 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to denial of service due to jackson-databind, okio (CVE-2022-42003, CVE-2023-35116, CVE-2023-3635)

Summary Java libraries jackson-databind and okio are used by IBM Storage Fusion HCI for logging. Vulnerabilities in these libraries could lead to Denial of Service as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION:...

7.5CVSS6.7AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:25 p.m.30 views

Security Bulletin: IBM Storage Fusion may be vulnerable to denial of service due to jackson-databind, okio (CVE-2022-42003, CVE-2023-35116, CVE-2023-3635)

Summary Java libraries jackson-databind and okio are used by IBM Storage Fusion for logging. Vulnerabilities in these libraries could lead to Denial of Service as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXM...

7.5CVSS6.7AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/15 5:10 a.m.45 views

Security Bulletin: IBM Maximo Application Suite uses okio-jvm-3.0.0.jar which is vulnerable to CVE-2023-3635

Summary IBM Maximo Application Suite uses okio-jvm-3.0.0.jar which is vulnerable to CVE-2023-3635. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by...

7.5CVSS6.5AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 2:33 a.m.46 views

Security Bulletin: IBM Event Processing contains a vulnerability in okhttp Java

Summary Operator of IBM Event Processing contains a vulnerability in Okio-jvm which is vulnerable to a denial of service CVE-2023-3635. Vulnerability Details CVEID: CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a special...

7.5CVSS6.5AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 2:32 a.m.21 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service

Summary Operator of IBM Event Endpoint Management is vulnerable to a denial of service of the Okio client CVE-2023-3635 Vulnerability Details CVEID: CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip...

7.5CVSS6.6AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/20 2:11 p.m.39 views

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a denial of service due to Okio GzipSource (CVE-2023-3635).

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit using Maven projects feature are vulnerable to a denial of service due to Okio GzipSource. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/09 10:52 a.m.35 views

Security Bulletin: Vulnerability in Okio GzipSource affects IBM Process Mining . CVE-2023-3635

Summary There is a vulnerability in CVE-2023-3635 that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Ok...

7.5CVSS6.8AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/27 9:9 p.m.13 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Okio GzipSource

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Okio GzipSource. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/26 6:26 p.m.51 views

Security Bulletin: Okio GzipSource is vulnerable to CVE-2023-3635 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Okio GzipSource which is vulnerable to CVE-2023-3635. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
Rows per page
Query Builder