CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27267 – IBM SDK, Java Technology Edition denial of service
https://notcve.org/view.php?id=CVE-2024-27267
14 Aug 2024 — The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. IBM X-Force ID: 284573. A flaw was found in IBM SDK, Java Technology Edition. A race condition in the management of ORB listener threads can cause a remote denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284573 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38264 – IBM SDK, Java Technology Edition denial of service
https://notcve.org/view.php?id=CVE-2023-38264
10 May 2024 — The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM X-Force ID: 260578. El SDK de IBM, Object Request Broker (ORB) de Java Technology Edition 7.1.0.0 a 7.1.5.21 y 8.0.0.0 a 8.0.8.21 es vulnerable a un ataque de denegación de servicio en algunas circunstancias debido a la aplicación in... • https://exchange.xforce.ibmcloud.com/vulnerabilities/260578 • CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data •