Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-42503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress:...

5.5CVSS6.6AI score0.00489EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:9 a.m.39 views

Security Bulletin: IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses third party libraries which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses FlaskCors-4.0.1-py2.py3-none-any.whl, requests-2.31.0-py3-none-any.whl, express-4.19.2.tgz, commons-compress-1.22.jar, commons-io-2.11.0.jar, urllib3-1.26.18-py2.py3-none-any.whl,...

8.1CVSS7.9AI score0.01241EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.30 views

Oracle Application Testing Suite (October 2024 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...

8.1CVSS6.3AI score0.00898EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:39 a.m.34 views

Security Bulletin: Apache Commons Compress vulnerability affect IBM Spectrum Control

Summary Apache Commons Compress is vulnerable to a denial of service. This vulnerability affect IBM Spectrum Control. CVE-2024-25710, CVE-2024-26308, CVE-2023-42503. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.77 views

Oracle Primavera P6 Enterprise Project Portfolio Management (January 2024 CPU)

The version of Primavera P6 Enterprise Project Portfolio Management installed on the remote host are affected by vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineeri...

7.5CVSS6.3AI score0.01449EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.25 views

Oracle Essbase Multiple Vulnerabilities (January 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the January 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform OpenSSL. Easily exploitable vulnerability allows unauthenticated...

9.8CVSS7.4AI score0.9077EPSS
Exploits12References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 11:58 a.m.25 views

Security Bulletin: Apache Commons Compress component is vulnerable to CVE-2023-42503 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Apache Commons Compress package which is vulnerable to CVE-2023-42503. Vulnerability Details CVEID:CVE-2023-42503 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to ope...

5.5CVSS6.2AI score0.00489EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2023/09/14 8:15 a.m.46 views

CVE-2023-42503 vulnerabilities

Vulnerabilities for packages: trino, kayenta-fips, opensearch, kayenta...

5.5CVSS6.6AI score0.00489EPSS
Exploits0
Wolfi
Wolfi
added 2023/09/14 8:15 a.m.280 views

CVE-2023-42503 vulnerabilities

Vulnerabilities for packages: opensearch, trino...

5.5CVSS6.6AI score0.00489EPSS
Exploits0
CVE
CVE
added 2023/09/14 7:45 a.m.466 views

CVE-2023-42503

CVE-2023-42503: In Apache Commons Compress TAR parsing, improper input validation of pax header time fields (atime/mtime/ctime/LIBARCHIVE.creationtime) can be exploited to trigger denial-of-service via CPU exhaustion. A malformed TAR file crafted with extreme fractional times (or exponent notatio...

5.5CVSS6.7AI score0.00489EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder