35 matches found
DoS (Denial of Service) com.squareup.okio:okio Dependency in Jira Service Management Data Center
This High severity DoS (Denial of Service) vulnerability was introduced in versions 5.15.0, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score ...
EUVD-2023-2158
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when...
Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Okio GzipSource denial of service vulnerability [CVE-2023-3635]
Summary Potential Okio GzipSource denial of service vulnerability CVE-2023-3635 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3635...
Security Bulletin: IBM Automation Decision Services for May 2024 - Multiple CVEs addressed
Summary "IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed." Vulnerability Details CVEID:CVE-2024-288...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to Okio component (CVE-2023-3635).
Summary IBM Event Streams is vulnerable to a denial of service attack due to Okio GzipSource component used in our strimzi-kafka-bridge. Okio is used in kafka to efficiently handle byte streams and improve data serialization/deserialization and network communication performance. Vulnerability...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5 Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitra...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses the source GzipSource and this does not handle an exception that might be raised when parsing a malformed gzip buffer. CVE-2023-3635
Summary IBM Maximo Application Suite - Visual Inspection Component uses GzipSource, which does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class...
okio: GzipSource class improper exception handling
A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS)...
Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to denial of service CVE-2023-3635
Summary Okio GzipSource is used by the IBM Datapower Operations Dashboard in its IO infrastructure. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffer, a remote...
Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)
Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...
Atlassian Confluence 7.13 < 7.19.17 / 8.0.x < 8.4.5 / 8.5.x < 8.5.4 / 8.6.x < 8.6.2 DoS (CONFSERVER-93623)
The version of Atlassian Confluence Server running on the remote host is 7.13.x prior to 7.19.17, 8.0.x prior to 8.5.4, or 8.6.x prior to 8.6.2. It is, therefore, affected by a denial of service (DoS) vulnerability as referenced in the CONFSERVER-93623 advisory. The vulnerability lies in the...
Security Bulletin: IBM Maximo Application Suite uses okio-jvm-3.0.0.jar which is vulnerable to CVE-2023-3635
Summary IBM Maximo Application Suite uses okio-jvm-3.0.0.jar which is vulnerable to CVE-2023-3635. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by...
DoS (Denial of Service) com.squareup.okio:okio-jvm Dependency in Confluence Data Center and Server
This High severity com.squareup.okio:okio-jvm Dependency vulnerability was introduced in versions 7.13.0, 7.19.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, and 8.6.0 of Confluence Data Center and Server. This com.squareup.okio:okio-jvm Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS...
DoS (Denial of Service) okio in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability is included in versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, and 8.14.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Critical: Red Hat Security Advisory: Red Hat Fuse 7.12.1 release and security update
A minor version update from 7.12 to 7.12.1 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scori...
okio: GzipSource class improper exception handling
A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS)...
Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service
Summary Operator of IBM Event Endpoint Management is vulnerable to a denial of service of the Okio client CVE-2023-3635 Vulnerability Details CVEID: CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip...