Fedora: Security Advisory for modulemaker-maven-plugin (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for CFR (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: modulemaker-maven-plugin-1.11-1.fc40

This plugin allows the creation of a module-info.class for projects on Java 6 to Java 8 where a module-info.java file cannot be compiled...

[SECURITY] Fedora 40 Update: CFR-0.151-16.fc40

CFR will decompile modern Java features - including much of Java 9, 12 & 14, but is written entirely in Java 6, so will work anywhere! It'll even make a decent go of turning class files from other JVM languages b ack into java!...

Security Bulletin: Vulnerabilities in IBM Java SDK (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)

Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS: CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: There ar...

Local Information Disclosure Vulnerability in io.netty:netty-codec-http

Description GHSA-5mcr-gq6c-3hq2 CVE-2021-21290 contains an insufficient fix for the vulnerability identified. Impact When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This...

Information Disclosure

netty-common is vulnerable to Information Disclosure. The vulnerability exists due to the insufficient fix for the CVE-2021-21290. When the temporary storing uploads on the disk is enabled and running on java 6, an attacker can gain sensitive information through the local system temporary directo...

CVE-2022-24823

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

Information disclosure

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

CVE-2022-24823

CVE-2022-24823 affects Netty’s io.netty:netty-codec-http prior to 4.1.77.Final, describing an insufficient fix for CVE-2021-21290. When Netty’s multipart decoders handle uploads and temporary disk storage is enabled, local information can be disclosed via the system temporary directory. This affe...

Security Bulletin: Potential spoofing attack in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1695)

Summary There is a potential spoofing attack in WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2018-1695 Link to security bulletin:...

Security Bulletin: Code execution vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1567)

Summary There is a potential remote code execution vulnerability in WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs:CVE-2018-1567 Link to...

Security Bulletin: Potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1643)

Summary There is a potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations...

Security Bulletin: Information disclosure in Apache Commons HttpClient may affect WebSphere Application Server as part of IBM InfoSphere Global Name Management (CVE-2012-5783)

Summary There is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs:...

Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2019-4046)

Summary There is a potential denial of service vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2019-4046 Link to security...

Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1904)

Summary There is a potential remote code execution vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2018-1904 Link to security...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2018-2783, CVE-2018-3139, CVE-2018-3180, CVE-2018-12547 , CVE-2018-1890, CVE-2019-2426)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details CVEs: CVE-2018-2783, CVE-2018-3139, CVE-2018-3180, CVE-2018-12547 , CVE-2018-1890, CVE-2019-2426 Link to...

Security Bulletin: Multiple vulnerabilities in the IBM® Runtime Environments, Java™ Technology Edition, Version 6 affects the IBM InfoSphere Optim Data Masking Solution.

Summary There are multiple vulnerabilities in the IBM Runtime Environments, Java Technology Edition, Version 6 CVE-2015-0488, CVE-2015-2808,CVE-2015-0410, CVE-2015-1916,CVE-2015-0204 that affect the IBM InfoSphere Optim Data Masking Solution. These issues were disclosed as part of the IBM Java SD...