Lucene search
K

16 matches found

OSV
OSV
added 2026/06/23 9:44 a.m.11 views

ROOT-APP-MAVEN-CVE-2024-38809 CVE-2024-38809 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-38809 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

5.3CVSS6.6AI score0.00852EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/01 7:54 p.m.12 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a denial of service in VMware Tanzu Spring [CVE-2024-38809]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in VMware Tanzu Spring, caused by improper input validation CVE-2024-38809. VMware Tanzu Spring is used in our Speech microservices. This vulnerabilitiy has been addressed. Please read the details for remediation...

5.3CVSS6.8AI score0.00852EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-38809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that parse ETags from If-Match or If-None-Match request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the...

5.3CVSS6.7AI score0.00852EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 5:3 p.m.14 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Spring Framework [CVE-2024-38809]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Spring Framework, caused by improper input validation CVE-2024-38809. Spring Framework is used by our Speech Microservices. This vulnerabilitiy has been addressed. Please read the details for remediation below...

5.3CVSS6.8AI score0.00852EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-web-6.1.11.jar CVE-2024-38809

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-web-6.1.11.jar CVE-2024-38809. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38809 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denia...

5.3CVSS6.8AI score0.00852EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.31 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2024-38808,CVE-2024-38809).

Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager CVE-2024-38808,CVE-2024-38809. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38809 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service,...

5.3CVSS7AI score0.00852EPSS
Exploits0Affected Software1
Circl
Circl
added 2024/09/27 8:5 p.m.5 views

CVE-2024-38809

creationtimestamp| type| source ---|---|--- 2024-09-27 20:05:03+00:00| seen| https://t.me/cvedetector/6564...

5.3CVSS6.5AI score0.00852EPSS
Exploits0References1
Wolfi
Wolfi
added 2024/09/27 5:15 p.m.31 views

CVE-2024-38809 vulnerabilities

Vulnerabilities for packages: thingsboard, apache-nifi...

5.3CVSS6.7AI score0.00852EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/27 4:39 p.m.26 views

CVE-2024-38809

Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers,...

5.3CVSS0.00852EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/09/27 4:39 p.m.16 views

CVE-2024-38809

Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers,...

5.3CVSS6.6AI score0.00852EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/09/24 6:34 p.m.9 views

ai.optfor:spring-openai-api (>=0.1 <=0.3.25), am.ik.s3:simple-s3-client (>=0.1.0 <=0.1.1) +4182 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=6.0.0 <=6.0.22)

org.springframework:spring-web MAVEN version =6.0.0, =0.1, =0.1.0, =0.2.3, =0.2.3, =0.0.6, =0.0.6, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =1.5.0.RELEASE, =3.0.0, =3.1.1 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...

5.3CVSS6.7AI score0.00852EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/09/24 6:34 p.m.10 views

ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.70.0 <=0.74.0), ai.ancf.lmos:arc-runner (=0.73.0) +3489 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=6.1.0 <=6.1.11)

org.springframework:spring-web MAVEN version =6.1.0, =0.70.0, =0.1.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.8.7 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...

5.3CVSS6.7AI score0.00852EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/09/24 6:34 p.m.9 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +36951 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=1.2.1 <=5.3.37)

org.springframework:spring-web MAVEN version =1.2.1, =1.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...

5.3CVSS6.7AI score0.00852EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/23 12:0 a.m.60 views

Spring Framework < 5.3.39 / 6.0.x < 6.0.23 / 6.1.x < 6.1.12 HTTP Request DoS (CVE-2024-38809)

The remote host contains a Spring Framework version prior to 5.3.39, 6.0.x prior to 6.0.23, or 6.1.x prior to 6.1.12. It is, therefore, affected by an HTTP Request DoS vulnerability: - Applications that parse ETags from 'If-Match' or 'If-None-Match' request headers are vulnerable to DoS attack...

5.3CVSS6.8AI score0.00852EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/15 12:0 a.m.35 views

VMware Spring Framework < 5.3.38, 6.0.x < 6.0.23, 6.1.x < 6.1.12 DoS Vulnerability - Linux

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.9AI score0.00852EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/15 12:0 a.m.82 views

VMware Spring Framework < 5.3.38, 6.0.x < 6.0.23, 6.1.x < 6.1.12 DoS Vulnerability - Windows

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.9AI score0.00852EPSS
Exploits0References2
Rows per page
Query Builder