vulnerability
CentOS Linux: CVE-2023-38264: Moderate: java-1.8.0-ibm security update (CESA-2024:4160)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:N/I:N/A:C) | May 14, 2024 | Jun 28, 2024 | Feb 18, 2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:N/I:N/A:C)
Published
May 14, 2024
Added
Jun 28, 2024
Modified
Feb 18, 2025
Description
The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM X-Force ID: 260578.
Solution(s)
centos-upgrade-java-1-8-0-ibmcentos-upgrade-java-1-8-0-ibm-democentos-upgrade-java-1-8-0-ibm-develcentos-upgrade-java-1-8-0-ibm-jdbccentos-upgrade-java-1-8-0-ibm-plugincentos-upgrade-java-1-8-0-ibm-src
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.