Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update

Summary Identity Insight customers are advised to update IBM WebSphere Liberty Profile WLP to version 26.0.0.4 for security update in WLP. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|-...

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were caused by resource expiration or insufficient control after resource...

Operation on a Resource after Expiration or Release

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release due to the recovery code. An attacker can repeatedly gain unauthorized...

Operation on a Resource after Expiration or Release

Overview Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release in the macaroon validation for cross-model authorization. An attacker can maintain unauthorized access to resources by crafting and submitting an invalid macaroon that is incorrectly...

ROS-20251020-06

MongoDB database management system upsert operation vulnerability is related to operations on a resource after its expiration date. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

EUVD-2024-42864

Malicious code in bioql PyPI...

EUVD-2023-45614

Malicious code in bioql PyPI...

EUVD-2023-50401

Malicious code in bioql PyPI...

CVE-2023-46158

IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775...

CVE-2024-47571

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials...

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

Security Bulletin: IBM Match 360 is vulnerable to could provide weaker than expected security due to improper resource expiration handling in IBM WebSphere Application Server Liberty (CVE-2023-46158)

Summary IBM Match 360 is vulnerable due to weaker than expected security due to improper resource expiration handling in IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION:...

Security Bulletin: IBM Sterling B2B Integrator B2B API is affected by improper resource expiration handling due to IBM WebSphere Application Server Liberty (CVE-2023-46158)

Summary IBM Sterling B2B Integrator uses IBM WebSphere Application Server Liberty. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide...

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM TXSeries for Multiplatforms is vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary IBM WebSphere Liberty is used by IBM TXSeries for Multiplatforms to provide a web based administration console CVE-2023-46158. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected...

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty impact IBM Common Licensing

Summary Multiple vulnerabilities in IBM WebSphere Liberty impact IBM License Key Server Administration and Reporting Tool and IBM LKS Administration Agent. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application...

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM CICS Transaction Gateway Desktop Edition and for Multiplatforms are vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary There is a vulnerability in IBM WebSphere Liberty, which is shipped as part of both IBM CICS Transaction Gateway Desktop Edition and IBM CICS Transaction Gateway for Multiplatforms. Updates to IBM CICS Transaction Gateway Desktop Edition and IBM CICS Transaction Gateway for Multiplatforms...

Operation on a Resource after Expiration or Release

Overview Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release due to the password reset functionality. An attacker can accept an invitation for an unlimited amount of time by exploiting the lack of validation for the pending invitation's expiry...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty may affect IBM Storage Scale (CVE-2023-46158, CVE-2023-44487)

Summary There are vulnerabilities in IBM WebSphere Application Server Liberty, used by IBM Storage Scale, which could provide weaker than expected security due to improper resource expiration handling. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Libert...

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM CICS TX Advanced is vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary IBM WebSphere Liberty is used by IBM CICS TX Advanced to provide a web based administration console CVE-2023-46158. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due t...

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM CICS TX Standard is vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary IBM WebSphere Liberty is used by IBM CICS TX Standard to provide a web based administration console CVE-2023-46158. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due t...