Lucene search
+L

16 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 3:33 p.m.12 views

Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to a Denial of Service in Amazon Ion (CVE-2024-21634)

Summary IBM Sterling B2B Integrator has addressed the denial of service security vulnerability from Amazon Ion Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for applications. By sending a...

7.5CVSS7.9AI score0.0082EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/10/01 8:3 a.m.31 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.2AI score0.02644EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.31 views

RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:7441)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7441 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...

7.5CVSS7.6AI score0.02644EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/01 5:48 a.m.30 views

Security Bulletin: Denial of service vulnerability in Amazon Ion may affect IBM Storage Protect Server

Summary IBM Storage Protect Server may be affected by denial of service caused by stack-based overflow in Amazon Ion. CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for...

7.5CVSS7.5AI score0.0082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/20 6:3 p.m.28 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Amazon Ion [CVE-2024-21634]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Amazon Ion, caused by a stack-based overflow in ion-java for applications CVE-2024-21634. Amazon Ion is a package used in our Speech Microservices. This vulnerabilitiy has been addresse...

7.5CVSS7.4AI score0.0082EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/18 12:0 a.m.30 views

Atlassian Jira Service Management Data Center and Server < 5.4.18 / 5.5.x < 5.12.6 / 5.13.x < 5.15.0 (JSDSERVER-15308)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15308 advisory. - Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential...

7.5CVSS7.5AI score0.0082EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/11 4:55 p.m.54 views

Security Bulletin: IBM Storage Fusion is vulnerable to denial of service due to Apache Commons Compress and ion-java.

Summary commons-compress and ion-java is used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerab...

8.1CVSS7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/11 4:55 p.m.22 views

Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service due to Apache Commons Compress and ion-java.

Summary commons-compress and ion-java is used by IBM Storage Fusion HCI as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is...

8.1CVSS7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/05 3:16 p.m.57 views

Security Bulletin: There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application (CVE-2024-21634)

Summary There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for applications. By sending a specially crafted...

7.5CVSS7.5AI score0.0082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/02 5:16 p.m.39 views

Security Bulletin: IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634.

Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a...

7.5CVSS7.5AI score0.0082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 1:50 p.m.77 views

Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Puma and Amazon Ion.

Summary Vulnerabilities in Puma and Amazon Ion were remediated in IBM Observability with Instana build 266. Vulnerability Details CVEID:CVE-2024-21647 DESCRIPTION: Puma is vulnerable to a denial of service, caused by incorrect behavior when parsing chunked transfer encoding bodies. By sending a...

7.5CVSS7.2AI score0.00958EPSS
Exploits0Affected Software1
Wolfi
Wolfi
added 2024/01/03 11:15 p.m.57 views

CVE-2024-21634 vulnerabilities

Vulnerabilities for packages: wavefront-proxy...

7.5CVSS6.8AI score0.0082EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/03 10:46 p.m.5 views

CVE-2024-21634 Ion Java StackOverflow vulnerability

Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...

7.5CVSS7.2AI score0.0082EPSS
Exploits0References1
CVE
CVE
added 2024/01/03 10:46 p.m.410 views

CVE-2024-21634

CVE-2024-21634 is a DoS in Amazon Ion’s Java implementation (ion-java) prior to 1.10.5, triggered when deserializing Ion text/binary data into IonValue and invoking certain IonValue methods, leading to StackOverflowError. The issue is fixed in ion-java 1.10.5. In Jira Software Data Center/Server,...

7.5CVSS7.5AI score0.0082EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/01/03 10:46 p.m.10 views

CVE-2024-21634 Ion Java StackOverflow vulnerability

Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...

7.5CVSS7.7AI score0.0082EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/03 10:46 p.m.41 views

CVE-2024-21634 Ion Java StackOverflow vulnerability

Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...

7.5CVSS7.8AI score0.0082EPSS
Exploits0References1
Rows per page
Query Builder