IT Security Notifications

In the following we offer you a short list of current security notifications. We make the complete security notifications available to registered customers in the protected area of the KISTERS Service-Portal. By clicking on a notification item below, you will be forwarded to the respetive fulltext version of the notification in the Service-Portal and thereby may be asked to enter your credentials.

Newest first

Vulnerability in the Apache Commons Text library

On October 17, 2022, the German Federal Office for Information Security (BSI) informed about a...

Read more

Log4j artifacts.

We’ve been informed by a customer that one of the delivered Jar files in the KiDSM distribution...

Read more

OpenSSL CVE-2022-2274

Based on the description CVE-2022-2274 and CVE-2022-2097 “Source: CVE: CVE-2022-2274 - CVE-Search, C...

Read more

PHP CVE-2022-31625

The KISTERS solutions are not actively using the method "pg_query_params()" or the "mysqlnd/pdo"...

Read more

Java Spring Framework CVE-2022-22965

A zero-day vulnerability was found in the popular Java Web application development framework Spring

Read more

Apache HTTP Server CVE-2021-44228

CERT-Bund has published a short info on vulnerabilities in the Apache HTTP Server

Read more

XML libexpat CVE-2022-23852

Critical security vulnerability in the "Expat library" for processing XML messages

Read more

H2-Console CVE-2021-42392

Vulnerability in the H2 database console found

Read more