Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Okio GzipSource denial of service vulnerability [ CVE-2023-3635]

Summary Potential Okio GzipSource denial of service vulnerability CVE-2023-3635 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3635...

Security Bulletin: IBM Automation Decision Services for May 2024 - Multiple CVEs addressed

Summary "IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed." Vulnerability Details CVEID:CVE-2024-288...

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to Okio component ( CVE-2023-3635).

Summary IBM Event Streams is vulnerable to a denial of service attack due to Okio GzipSource component used in our strimzi-kafka-bridge. Okio is used in kafka to efficiently handle byte streams and improve data serialization/deserialization and network communication performance. Vulnerability...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5 Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitra...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to denial of service CVE-2023-3635

Summary Okio GzipSource is used by the IBM Datapower Operations Dashboard in its IO infrastructure. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffer, a remote...

Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)

Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a denial of service due to Okio GzipSource (CVE-2023-3635).

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit using Maven projects feature are vulnerable to a denial of service due to Okio GzipSource. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled...

Security Bulletin: Vulnerability in Okio GzipSource affects IBM Process Mining . CVE-2023-3635

Summary There is a vulnerability in CVE-2023-3635 that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Ok...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Okio GzipSource

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Okio GzipSource. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...

Security Bulletin: Okio GzipSource is vulnerable to CVE-2023-3635 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Okio GzipSource which is vulnerable to CVE-2023-3635. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...

CVE-2023-3635 Okio GzipSource unhandled exception Denial of Service

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class...

CVE-2023-3635 Okio GzipSource unhandled exception Denial of Service

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class...