Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to okio-2.8.0.jar

Summary IBM webMethods BPM uses okio-2.8.0.jar for I/O operations to make reading and writing data faster and safer than Java's inbuilt APIs. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer...

The vulnerability of the GzipSource component in the Okio client HTTP library allows a attacker to cause a service failure.

The vulnerability of the GzipSource component in the Okio client HTTP library is related to the lack of a data type conversion mechanism. Exploiting this vulnerability allows an attacker to cause service failures remotely...

Okio 安全漏洞

Okio is an open source library from Square. A security vulnerability exists in square okio that stems from an exception that may be thrown when not parsing a malformed gzip buffer, which could lead to a denial of service on the client side...

[SECURITY] Fedora 23 Update: okio-1.6.0-1.fc23

Okio is a new library that complements java.io and java.nio to make it much easier to access, store, and process data...