Lucene search
+L

25 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/15 3:26 p.m.11 views

Security Bulletin: Rational Performance Tester contains a vulnerability which could result in a denial of service

Summary Due to the use of the json-path library, Rational Performance Tester contains a vulnerability which could results in a potential denial of service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path v2.8.0 was discovered to contain a stack overflow via the...

5.3CVSS6.6AI score0.0067EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-51074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method. CVE-2023-51074 Note that Nessus relies on the presence of the package...

5.3CVSS6.8AI score0.0067EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/22 9:27 a.m.37 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the json-path component (CVE-2023-51074).

Summary IBM Event Streams is vulnerable to a denial of service attack due to the json-path component. JSON-Path is a query language for JSON, similar to XPath for XML. It allows us to select and extract data from a JSON document. we use a JSON-Path expression to traverse the path to an element in...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 2:47 p.m.22 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnearble to denial of service due to json-path (CVE-2023-51074)

Summary B2B API of IBM Sterling B2B Integrator is vulnearble to denial of service due to json-path CVE-2023-51074. IBM Sterling B2B Integrator has remediated this vulnerabilty; Follow steps identified in Remediation/Fixes section to address vulnerability in your environment. Vulnerability Details...

5.3CVSS5.7AI score0.0067EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/30 8:24 p.m.69 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.4AI score0.99931EPSS
Exploits47References25
RedHat Linux
RedHat Linux
added 2024/05/06 2:10 p.m.95 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.1CVSS7.1AI score0.14286EPSS
Exploits4References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/25 5:18 a.m.24 views

Security Bulletin: IBM Event Processing is vulnerable to a denial of service attack (CVE-2023-51074).

Summary IBM Event Processing is vulnerable to a denial of service due to json-path component , caused by a stack-based buffer overflow in the Criteria.parse method. It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...

5.3CVSS5.7AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/22 3:3 p.m.28 views

Security Bulletin: IBM Datapower Operations Dashboard could be vulnerable to a denial of service CVE-2023-51074

Summary json-path is used by the IBM Datapower Operations Dashboard to query JSON documents. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a specially crafted...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/17 6:45 a.m.40 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 269. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...

7.5CVSS9.2AI score0.08665EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 1:49 p.m.57 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to json-path [CVE-2023-51074]

Summary The Transformation Advisor Tool in IBM App Connect Enterprise is vulnerable to a denial of service due to json-path. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/03/08 11:7 a.m.5 views

OESA-2024-1252 json-path security update

Java DSL for reading and testing JSON documents. Security Fixes: json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method.CVE-2023-51074...

5.3CVSS8AI score0.0067EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/01 4:24 p.m.57 views

Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow Event Emitters - CVE-2023-51074

Summary IBM Business Automation Workflow Event Emitters are vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a speciall...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/27 4:17 p.m.39 views

Security Bulletin: Json-path is vulnerable to CVE-2023-51074 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses json-path which is vulnerable to CVE-2023-51074. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2024/02/12 5:37 p.m.46 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update

Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

5.3CVSS7AI score0.0067EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/02/12 4:2 p.m.74 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)

An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available updates to RHBQ 3.2.10.Final. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.3AI score0.93305EPSS
Exploits6References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/06 12:56 p.m.46 views

Security Bulletin: IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074.

Summary IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, cause...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2023/12/28 6:30 a.m.61 views

CVE-2023-51074

A stack overflow vulnerability was found in the Criteria.parse method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service...

5.3CVSS5.1AI score0.0067EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/12/27 9:31 p.m.7 views

africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.apiverse:apipulse (=1.0.1) +9501 more potentially affected by CVE-2023-51074 via com.jayway.jsonpath:json-path (>=2.2.0 <=2.8.0)

com.jayway.jsonpath:json-path MAVEN version =2.2.0, =1.0.0, =0.0.2, =0.0.2, =0.0.10, =0.0.6, =1.1.0, =1.6.8, =4.1.0, =4.0.0, =3.4.0, =3.5.4-rc.0, =2.0, =2.0, =3.0 and more Source cves: CVE-2023-51074 Source advisory: OSV:GHSA-PFH2-HFMQ-PHG5...

5.3CVSS6.7AI score0.0067EPSS
Exploits1
Wolfi
Wolfi
added 2023/12/27 9:15 p.m.32 views

CVE-2023-51074 vulnerabilities

Vulnerabilities for packages: solr, trino...

5.3CVSS6.5AI score0.0067EPSS
Exploits1
Chainguard
Chainguard
added 2023/12/27 9:15 p.m.38 views

CVE-2023-51074 vulnerabilities

Vulnerabilities for packages: trino, solr, hadoop-fips...

5.3CVSS6.5AI score0.0067EPSS
Exploits1
Rows per page
Query Builder