Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:48 a.m.77 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for September and October 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF037 and 24.0.0-IF003. Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS Regular Expression Denial of Service while...

8.5CVSS9.9AI score0.91969EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:47 p.m.10 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Async

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Async Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS Regular Expression Denial of Service while parsing function in autoinject function. By sending a...

7.5CVSS6.6AI score0.00812EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 11:4 p.m.60 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities.

Summary IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities. Vulnerability Details CVEID:CVE-2024-32879 DESCRIPTION: Python Social Auth Django could allow a remote authenticated attacker to bypass security restrictions, caused by improper handling of case...

8.2CVSS9.2AI score0.8496EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.13 views

Security Bulletin: Vulnerability in Async ( CVE-2024-39249) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential denial of service vulnerability CVE-2024-392498 has been identified related to Async that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-39249...

7.5CVSS6.8AI score0.00812EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:8 a.m.17 views

Security Bulletin: Due to use of Async, IBM Event Processing is vulnerable to Regular Expression Denial of Service

Summary Async is used by IBM Event Processing as part of the frontend. CVE-2024-39249 Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS Regular Expression Denial of Service while parsing function in autoinject function. By...

7.5CVSS7.4AI score0.00812EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/23 8:18 a.m.22 views

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a denial of service (CVE-2024-39249)

Summary There is a vulnerability in Async used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused...

7.5CVSS8.4AI score0.00812EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/26 5:29 p.m.34 views

Security Bulletin: Denial of service and server-side request forgery might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-39249, CVE-2024-39338 Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of...

7.5CVSS7.8AI score0.01414EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 1:13 p.m.22 views

Security Bulletin: IBM Maximo Application Suite - AI Broker component uses async-3.2.5.tgz which is vulnerable to this CVE-2024-39249

Summary IBM Maximo Application Suite - AI Broker component includesasync-3.2.5.tgz which is vulnerable to this CVE-2024-39249. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of...

7.5CVSS7.4AI score0.00812EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/07/01 12:0 a.m.167 views

CVE-2024-39249

CVE-2024-39249 is an Async package ReDoS vulnerability affecting Async <= 2.6.4 and

7.5CVSS6.5AI score0.00812EPSS
Exploits0References5
Rows per page
Query Builder