Lucene search
+L

47 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:57 a.m.10 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Apache Commons Compress

Summary Vulnerabilities have been identified in Apache Commons Compress, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...

8.1CVSS9.2AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/15 11:32 a.m.13 views

Security Bulletin: Vulnerability in commons-compress affects IBM Integrated Analytics System (Sailfish) [CVE-2024-25710, CVE-2024-26308]

Summary The commons-compress package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVECVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

8.1CVSS6.4AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/03 12:44 p.m.13 views

Security Bulletin: Vulnerability in commons-compress affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-25710, CVE-2024-26308].

Summary The commons-compress package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

8.1CVSS6.5AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/28 9:21 a.m.32 views

Security Bulletin: Denial of Service in Apache Commons Compress used by Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2024-25710, CVE-2024-26308)

Summary There is a potential denial of service in Apache Commons Compress that is used by Apache Solr and IBM Operations Analytics - Log Analysis. This is caused by loop with unreachable exit condition and allocation of resources without limits. Vulnerability Details CVEID:CVE-2024-25710...

8.1CVSS6.9AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 11:49 a.m.14 views

Security Bulletin: IBM Sterling Control Center is vulnerable to Apache Commons Compress (CVE-2024-26308, CVE-2024-25710)

Summary Apache Commons Compress jar vulnerabilities are impacting IBM Sterling Control Center v6.3.1 and v6.2.1. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons...

8.1CVSS9.5AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/06 2:5 p.m.15 views

Security Bulletin: Vulnerabilities in commons-compress-1.21.jar affects IBM SPSS Collaboration and Deployment Services (CVE-2024-25710, CVE-2024-26308)

Summary There are vulnerabilities in commons-compress-1.21.jar used by IBM SPSS Collaboration and Deployment Services CVE-2024-25710, CVE-2024-26308. These vulnerabilitiies have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION:...

8.1CVSS6.7AI score0.00898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-26308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26...

5.5CVSS6.7AI score0.00898EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 12:55 p.m.7 views

Security Bulletin: Vulnerability in Apache commons-compress affects watsonx.data

Summary Apache Commons Compress is vulnerable to a denial of service attack and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victim to open a...

5.5CVSS5.7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.23 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the Apache Commons Compress component (CVE-2024-25710, CVE-2024-26308).

Summary IBM Event Streams is vulnerable to a denial of service due to the Apache Commons Compress component. Commons Compress is a library that creates a standard interface for the most widely used compression and archiving formats. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache...

8.1CVSS6.7AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.25 views

Security Bulletin: Vulnerability in Apache Commons Compress ( CVE-2024-26308) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability CVE-2024-26308 has been identified related to Apache Commons Compress that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-26308...

8.1CVSS6.9AI score0.00898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.31 views

Oracle Application Testing Suite (October 2024 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...

8.1CVSS6.3AI score0.00898EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/08 8:35 a.m.31 views

Security Bulletin: IBM Maximo Application Suite uses multiple packages which are vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses golang.org/x/net/http2 - v0.19.0 , v0.20.0, github.com/lestrrat-go/jwx/v2 - v2.0.11, setuptools - 50.3.2, tar - 6.2.0, github.com/docker/docker - v24.0.7, follow-redirects - 1.15.4, express - 4.18.2 , idna - 3.6 ,org.apache.cxfcxf-core - 3.5.5,...

9.3CVSS8.4AI score0.05849EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 9:17 p.m.37 views

Security Bulletin: IBM Content Navigator is vulnerable to Denial of Service (DoS) due to Apache Commons Compress (CVE-2024-26308, CVE-2024-25710)

Summary Apache Commons Compress is used by IBM Content Navigator to work with archive files. CVE-2024-26308, CVE-2024-25710 Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victi...

8.1CVSS6.5AI score0.00898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.58 views

Oracle WebCenter Portal (July 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Portal Core Apache SOAP. The supported version that i...

9.8CVSS6.2AI score0.02251EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/10 7:5 a.m.33 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS7.3AI score0.03179EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:39 a.m.34 views

Security Bulletin: Apache Commons Compress vulnerability affect IBM Spectrum Control

Summary Apache Commons Compress is vulnerable to a denial of service. This vulnerability affect IBM Spectrum Control. CVE-2024-25710, CVE-2024-26308, CVE-2023-42503. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/26 4:22 p.m.31 views

Security Bulletin: IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component ( CVE-2024-25710,CVE-2024-26308).

Summary IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component. Apache Flink uses Commons Compress for handling compressed files and formats, enabling efficient data processing and storage. Vulnerability Details CVEID:CVE-2024-25710...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/18 8:3 p.m.54 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-45853, CVE-2023-29267, CVE-2024-25710, CVE-2024-26308, CVE-2023-45178, CVE-2024-28762, CVE-2024-28757, CVE-2024-29025,...

9.8CVSS7.6AI score0.03179EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/11 5:27 p.m.24 views

Security Bulletin: IBM® Db2® federated server is affected by vulnerabilities in the open source commons-compress library. (CVE-2024-25710, CVE-2024-26308)

Summary IBM® Db2® federated server is affected by vulnerabilities in the open source commons-compress library when using the NoSQL Blockchain wrapper. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop...

8.1CVSS7.1AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:45 a.m.21 views

Security Bulletin: IBM Suite License Service uses commons-compress-1.25.0.jar which is vulnerable to CVE-2024-26308 and CVE-2024-25710.

Summary IBM Suite License Service uses commons-compress-1.25.0.jar which is vulnerable to CVE-2024-26308 and CVE-2024-25710. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerabl...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
Rows per page
Query Builder