IBM WebSphere Application Server: CVE-2023-28867: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

分享
https://www.ishack.org/topic/10102.html/
粉丝

发布于3月6日3月6日

Members

IBM WebSphere Application Server: CVE-2023-28867: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

03/27/2023

Created

06/01/2023

Added

06/01/2023

Modified

01/28/2025

Description

In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135.

Solution(s)

ibm-was-install-8-5-ph54373-liberty
ibm-was-upgrade-8-5-23-0-0-6-liberty

References

https://attackerkb.com/topics/cve-2023-28867
CVE - 2023-28867

查看数 698
已创建 3月6日3月6日
最后回复 3月6日3月6日

https://www.ishack.org/topic/10102.html/

粉丝

转到主题列表

登录

IBM WebSphere Application Server: CVE-2023-28867: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

recommended_posts

IBM WebSphere Application Server: CVE-2023-28867: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

Description

Solution(s)

References

欢迎来到红帽社区

社区动态

红龙逆向工具箱2025最新版(ISHACK改良版)

修改底部版权信息

ips4.7升级到5.x版本问题。

IPS Invision Community 经常自动退出登录解决

网站程序安装中文语言包时没有中文选项？Debian中文包

帐户

导航

搜索