ByteOS Network

build_of_optaplanner

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2023-44487

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-94.41% / 99.98%

7 Day CHG-0.06%

Published-10 Oct, 2023 | 00:00

Updated-30 Jul, 2025 | 01:37

Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Product-nexus_9516 openshift_serverless cbl-mariner nexus_34180yc nexus_3132c-z big-ip_ddos_hybrid_defender nexus_3132q-xl proxygen armeria nexus_3132q-x\/3132q-xl unified_contact_center_enterprise_-_live_data_server nexus_9336pq_aci_spine integration_service_registry nexus_9236c_switch windows_11_22h2 migration_toolkit_for_containers nexus_9396px .net nexus_31108pc-v nexus_9336c-fx2 nexus_9396tx_switch openshift nginx_ingress_controller nexus_9236c advanced_cluster_security kong_gateway nexus_93108tc-ex-24 secure_web_appliance windows_server_2016 windows_server_2019 openshift_container_platform_assisted_installer big-ip_next_service_proxy_for_kubernetes nexus_3500 integration_camel_k nexus_9396tx nexus_9372tx nexus_93216tc-fx2 apisix nginx_plus nexus_9800 linkerd support_for_spring_boot nexus_3132q-x node_healthcheck_operator 3scale_api_management_platform nexus_9500 nexus_93120tx nexus_3264c-e nexus_9500_4-slot openstack_platform telepresence_video_communication_server nexus_36180yc-r tomcat nexus_3132q nexus_3172tq-32t openshift_distributed_tracing nexus_9348gc-fxp big-ip_next enterprise_chat_and_email big-ip_global_traffic_manager big-ip_fraud_protection_service unified_contact_center_enterprise contour openshift_container_platform nexus_3100-v secure_malware_analytics nexus_92160yc_switch nexus_34200yc-sm nexus_9348d-gx2a nexus_9364c-gx migration_toolkit_for_virtualization nexus_3100-z fog_director nexus_9804 nexus_3432d-s ultra_cloud_core_-_session_management_function nexus_3524 swiftnio_http\/2 nexus_3400 cryostat nexus_31108pv-v nexus_9372tx_switch nexus_3172tq big-ip_advanced_web_application_firewall jboss_fuse nexus_3172pq-xl fedora nexus_9272q openshift_developer_tools_and_services nexus_9500r decision_manager nexus_9500_supervisor_b\+nexus_3548-x\/xl nexus_9232e nexus_92348gc-x unified_attendant_console_advanced openshift_sandboxed_containers ultra_cloud_core_-_serving_gateway_function nexus_9332d-h2r nexus_93128 nexus_3548-x nexus_9200yc nexus_3064t big-ip_policy_enforcement_manager nexus_93108tc-ex logging_subsystem_for_red_hat_openshift asp.net_core big-ip_local_traffic_manager nexus_93360yc-fx2 big-ip_webaccelerator nexus_3132q-v nexus_9336c-fx2-e solr caddy istio unified_contact_center_management_portal nexus_9332c nexus_9200 nexus_9516_switch nexus_3548 nexus_3172pq\/pq-xl nexus_3048 secure_dynamic_attributes_connector nexus_93600cd-gx nexus_9372px_switch nexus_3164q azure_kubernetes_service openshift_secondary_scheduler_operator nexus_9500_8-slot nexus_9508 openshift_virtualization prime_cable_provisioning nexus_9364c opensearch_data_prepper nexus_93128tx_switch http windows_10_21h2 firepower_threat_defense single_sign-on nexus_9221c go build_of_optaplanner prime_access_registrar networking nexus_9500_16-slot nexus_3232c nexus_93108tc-fx varnish_cache nexus_9504 jboss_enterprise_application_platform windows_10_1607 nexus_92304qc integration_camel_for_spring_boot run_once_duration_override_operator nexus_9716d-gx nexus_9000v nexus_3016 windows_11_21h2 openshift_pipelines nexus_9408 visual_studio_2022 nexus_9336pq_aci nexus_93180yc-fx3 debian_linux nx-os ceph_storage nexus_9316d-gx nginx nexus_93180tc-ex advanced_cluster_management_for_kubernetes prime_network_registrar nexus_3408-s traefik nexus_3064x nexus_9336pq_aci_spine_switch nexus_9372px unified_contact_center_domain_manager netty nexus_3264q nexus_3100v nexus_9372tx-e_switch nexus_93108tc-ex_switch traffic_server jboss_core_services nexus_9300 jboss_a-mq jboss_a-mq_streams nexus_3100 nexus_93240tc-fx2 machine_deletion_remediation_operator big-ip_application_security_manager build_of_quarkus nexus_93180yc-ex_switch nexus_9372tx-e node_maintenance_operator nexus_93180yc-ex-24 nexus_3064 openshift_dev_spaces nexus_9504_switch web_terminal nexus_9736pq self_node_remediation_operator certification_for_red_hat_enterprise_linux nexus_3172pq nexus_93128tx iot_field_network_director nexus_3636c-r nexus_3064-t nexus_9372px-e http2 nexus_92300yc_switch nexus_9364d-gx2a service_interconnect nexus_93180yc-fx ios_xe openresty nexus_31128pq openshift_service_mesh big-ip_analytics openshift_data_science big-ip_application_acceleration_manager nexus_9336pq network_observability_operator big-ip_link_controller nexus_9372px-e_switch nexus_9332pq_switch nexus_9500_supervisor_b http_server nexus_93180yc-fx-24 windows_10_22h2 node.js nexus_3600 nexus_93180lc-ex nexus_9636pq service_telemetry_framework big-ip_application_visibility_and_reporting migration_toolkit_for_applications nexus_9808 nexus_93108tc-fx-24 nexus_92160yc-x nexus_31108tc-v nexus_3200 nexus_9332d-gx2b crosswork_situation_manager nexus_3064-x nghttp2 nexus_93180yc-fx3s big-ip_websafe nexus_3464c nexus_93180yc-ex nexus_3172 nexus_9536pq astra_control_center nexus_9396px_switch nexus_92300yc openshift_api_for_data_protection h2o jetty nexus_9500_supervisor_a nexus_9500_supervisor_a\+nexus_9272q_switch satellite nexus_93180yc-fx3h process_automation data_center_network_manager ansible_automation_platform cost_management secure_web_appliance_firmware jboss_data_grid nexus_9508_switch nexus_3064-32t cert-manager_operator_for_red_hat_openshift oncommand_insight nexus_93240yc-fx2 ios_xr nexus_93180lc-ex_switch fence_agents_remediation_operator crosswork_zero_touch_provisioning nexus_3232c_ultra_cloud_core_-_policy_control_function big-ip_carrier-grade_nat nexus_3172tq-xl nexus_3524-x expressway grpc business_process_automation nexus_93108tc-fx3h nexus_92304qc_switch windows_10_1809 enterprise_linux envoy quay crosswork_data_gateway nexus_93108tc-fx3p big-ip_domain_name_system nexus_3548-xl nexus_93120tx_switch nexus_9432pq openshift_gitops nexus_3524-xl nexus_3232 nexus_9332pq nexus_3524-x\/xl big-ip_advanced_firewall_manager prime_infrastructure nexus_3016q jenkins big-ip_ssl_orchestrator nexus_9348gc-fx3 big-ip_access_policy_manager windows_server_2022 connected_mobile_experiences n/a http HTTP/2

CWE ID-CWE-400

Uncontrolled Resource Consumption

CVE-2023-4853

Assigner-Red Hat, Inc.

View Details

Assigner-Red Hat, Inc.

CVSS Score-8.1||HIGH

EPSS-0.58% / 67.82%

7 Day CHG~0.00%

Published-20 Sep, 2023 | 09:47

Updated-27 Aug, 2025 | 11:54

Quarkus: http security policy bypass

A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.

CWE ID-CWE-148

Improper Neutralization of Input Leaders

CWE ID-CWE-863

Incorrect Authorization