Lucene search
K

40 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/11 8:59 p.m.14 views

Security Bulletin: Due to the use of jetty IBM webMethods BPM is vulnerable to multiple vulnerabilities

Summary IBM webMethods BPM is dependant on jetty which is affected by known vulnerabilities CVE-2020-27223, CVE-2021-28169, CVE-2022-2047, CVE-2023-26049, CVE-2023-36478, CVE-2023-40167 Vulnerability Details CVEID:CVE-2020-27223 DESCRIPTION: In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114...

7.5CVSS6AI score0.7848EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/17 3:7 p.m.10 views

Security Bulletin: User Entity Behavior Analytics app for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. User Entity Behavior Analytics app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is a Java...

7.5CVSS8.5AI score0.03754EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/10 5:35 p.m.20 views

Security Bulletin: Multiple vulnerabilities found in IBM Security Verify Information Queue

Summary Multiple security vulnerabilities in the third-party libraries have been addressed in IBM Security Verify Information Queue ISIQ Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and...

7.5CVSS7.5AI score0.04658EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 4: jetty (TSSA-2025:0022)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0022 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

5.3CVSS7.2AI score0.01069EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:3 a.m.84 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for October 2023

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF026 and 23.0.1-IF004. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of...

9.8CVSS10AI score0.60679EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2023-40167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the...

5.3CVSS6.6AI score0.01069EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/11 11:31 a.m.38 views

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 20 4.2.0.20 Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in persistent watchers handling. By...

7.5CVSS9.6AI score0.99019EPSS
Exploits21Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/23 10:45 p.m.98 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9.3CVSS6.6AI score0.8581EPSS
Exploits9References16
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.42 views

RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

9.8CVSS7.7AI score0.78483EPSS
Exploits8References35
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/10 5:57 a.m.32 views

Security Bulletin: Vulnerabilities found in Jetty may affect IBM Content Collector for SAP Applications

Summary IBM Content Collector for SAP Applications may be affected by multiple vulnerabilities found in Jetty. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header. By sending a specially...

5.3CVSS6.2AI score0.01069EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 6:17 a.m.45 views

Security Bulletin: IBM Event Streams is vulnerable to HTTP request smuggling (CVE-2023-40167)

Summary IBM Event Streams is vulnerable to HTTP request smuggling due to Jetty component. Jetty provides client-side libraries that allow us to embed an HTTP or WebSocket client in our applications. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request...

5.3CVSS6.3AI score0.01069EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/14 2:34 p.m.101 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix. Vulnerability Details CVEID:CVE-2023-41900 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication...

8.8CVSS9.5AI score0.8581EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/05 11:37 a.m.37 views

Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-40167]

Summary The jetty-http package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-40167. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the...

5.3CVSS6.2AI score0.01069EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.54 views

openSUSE: Security Advisory for jetty (SUSE-SU-2023:4210-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits22References4
Amazon
Amazon
added 2024/02/19 12:0 a.m.47 views

Medium: jetty

Issue Overview: Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reje...

5.3CVSS6.6AI score0.01069EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/19 12:0 a.m.45 views

Amazon Linux 2 : jetty (ALAS-2024-2460)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2460 advisory. Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP/1 header field. Thi...

5.3CVSS7.1AI score0.01069EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/13 2:45 p.m.59 views

Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update

Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

9.8CVSS7.2AI score0.78483EPSS
Exploits8References24
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/09 8:57 a.m.36 views

Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-40167].

Summary The jetty-http package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-40167. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the...

5.3CVSS6.2AI score0.01069EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/01 1:44 p.m.31 views

Security Bulletin: There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-40167 and CVE-2023-36478)

Summary There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header...

7.5CVSS7.1AI score0.03754EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/11 4:22 p.m.38 views

Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities in IBM® Semeru Java™ Version 11 and Eclipse Jetty

Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 and Eclipse Jetty used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 has addressed the applicable CVEs by upgrading to IBM® Semeru JRE 11.0.20.0 CVE-2023-22049, CVE-2023-22036 and Eclipse Jetty 10.0.17...

7.5CVSS8.8AI score0.99999EPSS
Exploits22Affected Software1
Rows per page
Query Builder