Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.25 views

Security Bulletin: IBM Maximo Application Suite -IoT Component uses cxf-rt-transports-http-4.0.4.jar which is vulnerable to CVE-2024-41172

Summary IBM Maximo Application Suite -IoT Component uses cxf-rt-transports-http-4.0.4.jar which is vulnerable to CVE-2024-41172. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-41172 DESCRIPTION: Apache CXF is vulnerable to a...

7.5CVSS6.7AI score0.01197EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/04 8:13 p.m.44 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.7CVSS6.7AI score0.33623EPSS
Exploits2References26
vulnersOsv
vulnersOsv
added 2024/07/19 9:32 a.m.9 views

be.atbash.test:integration-testing (=2.2.0), be.atbash.test:integration-testing-database (=2.2.0) +511 more potentially affected by CVE-2024-41172 via org.apache.cxf:cxf-rt-transports-http (>=4.0.0 <=4.0.4)

org.apache.cxf:cxf-rt-transports-http MAVEN version =4.0.0, =1.0.0, =12.1-16, =0.0.1, =2.70.0, =2.71.1 - com.codbex.kronos:codbex-kronos-commons =2.70.0 - com.codbex.kronos:codbex-kronos-components-api-parent =2.69.0 - com.codbex.kronos:codbex-kronos-components-engine-xsjob =2.69.0 -...

7.5CVSS6.7AI score0.01197EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/07/19 9:32 a.m.9 views

com.axonivy.ivy.tool.soap:cxf-client-codegen (=1.0.0), cv.igrp:igrp-core (>=1.7.3.230801 <=1.7.3.230802) +294 more potentially affected by CVE-2024-41172 via org.apache.cxf:cxf-rt-transports-http (>=3.6.0 <=3.6.3)

org.apache.cxf:cxf-rt-transports-http MAVEN version =3.6.0, =1.7.3.230801, =3.0-M3, =3.0-M3, =3.0-M3, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.8.hyte-26150 - io.hyte.platform:repo =4.4.6.hyte-24270 - net.tirasa.connid.bundles:net.tirasa.connid.bundles.servicenow =1.0.4 -...

7.5CVSS6.4AI score0.01197EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/07/19 8:50 a.m.23 views

CVE-2024-41172 Apache CXF: Unrestricted memory consumption in CXF HTTP clients

In versions of Apache CXF before 3.6.4 and 4.0.5 3.5.x and lower versions are not impacted, a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out o...

6.4AI score0.01197EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/19 8:50 a.m.35 views

CVE-2024-41172 Apache CXF: Unrestricted memory consumption in CXF HTTP clients

In versions of Apache CXF before 3.6.4 and 4.0.5 3.5.x and lower versions are not impacted, a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out o...

0.01197EPSS
Exploits0References1
Rows per page
Query Builder