16 matches found
Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to a Denial of Service in Amazon Ion (CVE-2024-21634)
Summary IBM Sterling B2B Integrator has addressed the denial of service security vulnerability from Amazon Ion Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for applications. By sending a...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:7441)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7441 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...
Security Bulletin: Denial of service vulnerability in Amazon Ion may affect IBM Storage Protect Server
Summary IBM Storage Protect Server may be affected by denial of service caused by stack-based overflow in Amazon Ion. CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Amazon Ion [CVE-2024-21634]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Amazon Ion, caused by a stack-based overflow in ion-java for applications CVE-2024-21634. Amazon Ion is a package used in our Speech Microservices. This vulnerabilitiy has been addresse...
Atlassian Jira Service Management Data Center and Server < 5.4.18 / 5.5.x < 5.12.6 / 5.13.x < 5.15.0 (JSDSERVER-15308)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15308 advisory. - Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential...
Security Bulletin: IBM Storage Fusion is vulnerable to denial of service due to Apache Commons Compress and ion-java.
Summary commons-compress and ion-java is used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerab...
Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service due to Apache Commons Compress and ion-java.
Summary commons-compress and ion-java is used by IBM Storage Fusion HCI as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is...
Security Bulletin: There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application (CVE-2024-21634)
Summary There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for applications. By sending a specially crafted...
Security Bulletin: IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634.
Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Puma and Amazon Ion.
Summary Vulnerabilities in Puma and Amazon Ion were remediated in IBM Observability with Instana build 266. Vulnerability Details CVEID:CVE-2024-21647 DESCRIPTION: Puma is vulnerable to a denial of service, caused by incorrect behavior when parsing chunked transfer encoding bodies. By sending a...
CVE-2024-21634 vulnerabilities
Vulnerabilities for packages: wavefront-proxy...
CVE-2024-21634 Ion Java StackOverflow vulnerability
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...
CVE-2024-21634
CVE-2024-21634 is a DoS in Amazon Ion’s Java implementation (ion-java) prior to 1.10.5, triggered when deserializing Ion text/binary data into IonValue and invoking certain IonValue methods, leading to StackOverflowError. The issue is fixed in ion-java 1.10.5. In Jira Software Data Center/Server,...
CVE-2024-21634 Ion Java StackOverflow vulnerability
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...
CVE-2024-21634 Ion Java StackOverflow vulnerability
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...