50 matches found
DoS (Denial of Service) com.squareup.okio:okio Dependency in Jira Software Data Center
This High severity DoS Denial of Service vulnerability was introduced in versions 9.12.1, 10.3.0 not all patched versions - see the fix and affects versions field and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) com.squareup.okio:okio Dependency in Jira Service Management Data Center
This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.0, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to okio-2.8.0.jar
Summary IBM webMethods BPM uses okio-2.8.0.jar for I/O operations to make reading and writing data faster and safer than Java's inbuilt APIs. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer...
EUVD-2023-2158
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in okio-2.8.0.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of okio-2.8.0.jar Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client...
Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Okio GzipSource denial of service vulnerability [ CVE-2023-3635]
Summary Potential Okio GzipSource denial of service vulnerability CVE-2023-3635 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3635...
Security Bulletin: IBM Automation Decision Services for May 2024 - Multiple CVEs addressed
Summary "IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed." Vulnerability Details CVEID:CVE-2024-288...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to Okio component ( CVE-2023-3635).
Summary IBM Event Streams is vulnerable to a denial of service attack due to Okio GzipSource component used in our strimzi-kafka-bridge. Okio is used in kafka to efficiently handle byte streams and improve data serialization/deserialization and network communication performance. Vulnerability...
Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release
JBoss EAP XP 4.0.2.GA security release on the EAP 7.4.14 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5 Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitra...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses the source GzipSource and this does not handle an exception that might be raised when parsing a malformed gzip buffer. CVE-2023-3635
Summary IBM Maximo Application Suite - Visual Inspection Component uses the GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 270. Vulnerability Details CVEID:CVE-2024-29133 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the system, caused by ...
Security Bulletin: Vulnerability of okio-1.13.0.jar is affecting APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE
Summary APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE are vulnerable to okio-1.13.0.jar CVE-2023-3635. The workaround includes okio-1.13.0.jar upgraded to okio-3.5.0.jar . Vulnerability Details...
Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.5 security update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which provides a detailed severity rating, is available for each vulnerability from th...
okio: GzipSource class improper exception handling
A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service DoS...
Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to denial of service CVE-2023-3635
Summary Okio GzipSource is used by the IBM Datapower Operations Dashboard in its IO infrastructure. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffer, a remote...
Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)
Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...