CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-38264

The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM X-Force ID: 260578.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.2%

CVSS Severity

CVSS v3 Score 5.9

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/260578
https://www.ibm.com/support/pages/node/7150727
https://exchange.xforce.ibmcloud.com/vulnerabilities/260578
https://www.ibm.com/support/pages/node/7150727

Products affected by CVE-2023-38264

Ibm » Java Software Development Kit » Version: Any

cpe:2.3:a:ibm:java_software_development_kit:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38264

Products

Pricing

Contact Us