208 matches found
Denial Of Service (DoS)
Apache IoTDB is vulnerable to denial of service. The vulnerability exists in multiple functions due to untrusted patterns for REGEXP queries which allows an attacker to crash the application via malicious input. This vulnerability is only applicable to Java 8...
Apache IoTDB subject to ReDOS with Java 8
Apache IoTDB versions 0.12.2 through 0.12.6, and 0.13.0 through 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. This issue is patched in 0.13.3. Users should upgrade or use a later version of Java to avoid it...
CVE-2022-43766
Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it...
PYSEC-2022-42972
Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it...
Design/Logic Flaw
Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it...
Security Bulletin: A security vulnerability has been identified in IBM Java shipped with IBM Intelligent Operations Center (CVE-2021-41041)
Summary: A vulnerability has been identified in IBM MQ and Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details: Refer to th...
CVE-2022-43766 Apache IoTDB prior to 0.13.3 allows DoS
Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it...
PT-2022-27026 · Apache · Apache Iotdb
Name of the Vulnerable Software and Affected Versions: Apache IoTDB versions 0.12.2 through 0.12.6; Apache IoTDB versions 0.13.0 through 0.13.2. Description: The issue is a Denial of Service attack that occurs when Apache IoTDB accepts untrusted patterns for REGEXP queries with Java 8. Users can...
CVE-2022-43766 Apache IoTDB prior to 0.13.3 allows DoS
Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it...
CVE-2022-43766
CVE-2022-43766 affects Apache IoTDB versions 0.12.2–0.12.6 and 0.13.0–0.13.2. The issue is a Denial of Service caused by accepting untrusted REGEXP query patterns when running with Java 8, as described across multiple sources. The fixed release is 0.13.3 or newer, and using a later Java version a...
Exploit for Code Injection in Apache Commons_Text
cve-2022-42889-intercept It should be noted that versions...
java-1.8.0-openjdk security update
An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-...
CVE-2021-41041
In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...
Security Bulletin: A vulnerability have been identified in Java 8 shipped with IBM® Intelligent Operations Center (CVE-2021-35561)
Summary: A vulnerability has been identified in Java 8 shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-35561 DESCRIPTIO...
Security Bulletin: Multiple vulnerabilities have been identified in Oracle April 2022 CPU for Java 8 shipped with IBM® Intelligent Operations Center(CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)
Summary: Multiple vulnerabilities have been identified in Oracle April 2022 CPU for Java 8 shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability...
Security Bulletin: A vulnerability have been identified in IBM Java 8 shipped with IBM® Intelligent Operations Center (CVE-2021-35603)
Summary: A vulnerability has been identified in IBM Java 8 shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-35603...
Security Bulletin: Multiple vulnerabilities found in IBM MQ and Java 8 which is shipped with IBM® Intelligent Operations Center(CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)
Summary: Multiple vulnerabilities have been identified in IBM MQ and Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details...
SUSE: Security Advisory (SUSE-SU-2022:3152-1)
The remote host is missing an update for the...
Security Bulletin: A vulnerability found in IBM Java 8 which is shipped with IBM® Intelligent Operations Center (CVE-2021-2161)
Summary: A vulnerability was found in IBM Java 8 which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-2161 DESCRIPTION: An...