EUVD-2022-1484

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-26336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files...

Security Bulletin: A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception, which affects IBM watsonx.data

Summary A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...

Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update

A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

Security Bulletin: A security vulnerability has been identified in Apache poi-scratchpad shipped with IBM Tivoli Netcool Impact (CVE-2022-26336)

Summary Apache poi-scratchpad is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Apache poi-scratchpad has been published in a security bulletin. Vulnerability Details CVEID: CVE-2022-26336 DESCRIPTION: Apache POI is vulnerable to a denial of service,...

org.apache.poi:poi-examples (=3.11-beta1), org.apache.poi:poi-excelant (=3.11-beta1) +2 more potentially affected by CVE-2014-3574 via org.apache.poi:poi (=3.11-beta1)

org.apache.poi:poi MAVEN version =3.11-beta1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.poi:poi and may be impacted: - org.apache.poi:poi-examples =3.11-beta1 - org.apache.poi:poi-excelant =3.11-beta1 - org.apache.poi:poi-ooxml...

com.bbossgroups.pdp:bboss-pdp-adminservice (>=5.0.1.1 <=5.2.0), com.bbossgroups.pdp:bboss-pdp-fastwx (=5.0.1.2) +77 more potentially affected by CVE-2012-0213 via org.apache.poi:poi-scratchpad (>=3.0.1-FINAL <=3.10-FINAL)

org.apache.poi:poi-scratchpad MAVEN version =3.0.1-FINAL, =5.0.1.1, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2012-0213 Source advisory: OSV:GHSA-JQX5-H2HW-5Q4F...

CVE-2022-26336

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

Denial Of Service (DoS)

poi-scratchpad is vulnerable to denial of service. An attacker can cause an application crash through the out of memory exception by submitting the malicious TNEF file to the TNEFAttribute parameter in the create function of MAPIAttribute.java...

ai.stainless:grails-tika (=0.1.0), be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1) +637 more potentially affected by CVE-2022-26336 via org.apache.poi:poi-scratchpad (>=3.8-beta1 <=5.2.0)

org.apache.poi:poi-scratchpad MAVEN version =3.8-beta1, =1.2.0, =1.3, =1.0.7, =1.0.7, =1.0.1, =0.0.4, =1.0.0, =1.0.0, =1.0.3 - cn.com.jeeweb:jeeweb-jwt =1.0.0 - cn.com.jeeweb:jeeweb-minio =1.0.0 and more Source cves: CVE-2022-26336 Source advisory: OSV:GHSA-MQVP-7RRG-9JXC...

GHSA-MQVP-7RRG-9JXC Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

CVE-2022-26336

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

CVE-2022-26336

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

UBUNTU-CVE-2022-26336

A shortcoming in the HMEF package of poi-scratchpad Apache POI allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files Microsoft Outlook and Microsoft Exchange Server. If an application uses poi-scratchpad to parse TNEF files and the application allows...

PT-2022-17794 · Microsoft · Exchange Server +1

Name of the Vulnerable Software and Affected Versions: poi-scratchpad versions 5.2.0 and prior versions Description: A shortcoming in the HMEF package of poi-scratchpad allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files, which are associated with...

CVE-2022-26336

CVE-2022-26336 affects the poi-scratchpad HMEF package in Apache POI used to read TNEF files. The issue can trigger an Out of Memory exception when parsing untrusted TNEF inputs, impacting poi-scratchpad versions up to 5.2.0. The publicly recommended remediation is to upgrade to poi-scratchpad 5....