Security Advisory Description The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP ...
More info:
https://my.f5.com/manage/s/article/K000135262?utm_source=f5support&utm_medium=RSS
The 8Base ransomware group has remained relatively unknown despite the massive spike in activity in Summer of 2023. The group utilizes encryption paired with “name-and-shame” techniques to compel their victims to pay their ransoms. 8Base has an opportunistic pattern of compromise with recent victims spanning across varied industries. Despite the high amount of compromises, the … ContinuedThe post 8Base Ransomware: A Heavy Hitting Player appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player.html?utm_source=rss&utm_medium=rss&utm_campaign=8base-ransomware-a-heavy-hitting-player
Security Advisory Description Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, ...
More info:
https://my.f5.com/manage/s/article/K000135251?utm_source=f5support&utm_medium=RSS
Security Advisory Description A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec ...
More info:
https://my.f5.com/manage/s/article/K000135252?utm_source=f5support&utm_medium=RSS
Security Advisory Description A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting ...
More info:
https://my.f5.com/manage/s/article/K000135242?utm_source=f5support&utm_medium=RSS
Security Advisory Description A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SEND_ ...
More info:
https://my.f5.com/manage/s/article/K000135223?utm_source=f5support&utm_medium=RSS
Security Advisory Description In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations ...
More info:
https://my.f5.com/manage/s/article/K000135206?utm_source=f5support&utm_medium=RSS
Security Advisory Description In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled ...
More info:
https://my.f5.com/manage/s/article/K21054458?utm_source=f5support&utm_medium=RSS
Security Advisory Description Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request ...
More info:
https://my.f5.com/manage/s/article/K67090077?utm_source=f5support&utm_medium=RSS
Security Advisory Description In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the systems ...
More info:
https://my.f5.com/manage/s/article/K18484125?utm_source=f5support&utm_medium=RSS
