4 matches found
Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to the Sweet32 attack.
Summary The 3DES cipher was available in some TLS cipher suites. Vulnerability Details CVEID:CVE-2016-2183 DESCRIPTION: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which...
Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to CVE-2024-45338.
Summary golang.org/x/net-v0.24.0 is used by the CP4D Scheduling Service. CVE-2024-45338. Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow...
Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to CVE-2024-36129.
Summary OpenTelemetry Collector is used by the CP4D Scheduling Service for telemetry collection. CVE-2024-36129. Vulnerability Details CVEID:CVE-2024-36129 DESCRIPTION: OpenTelemetry OpenTelemetry Collector is vulnerable to a denial of service, caused by an unsafe decompression vulnerability. By...
Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to IBM X-Force ID: 350626.
Summary GRPC-Go is used by the CP4D Scheduling Service for inter-process communication. IBM X-Force ID: 350626. Vulnerability Details IBM X-Force ID: 350626 DESCRIPTION: gRPC-Go is vulnerable to a denial of service, caused by a flaw in handling multiplexed streams in the HTTP/2 protocol. By sendi...