Rational Developer for System z is affected by the Open Source Apache Batik vulnerability and has addressed the applicable CVEs
| Subscribe to My Notifications to be notified of important product support alerts like this.
CVEID: CVE-2015-0250 **
DESCRIPTION:** Apache Batik could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially-crafted SVG file, an attacker could exploit this vulnerability to reveal files and obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101614 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Principal Product and Version(s)
IBM has provided patches for all affected versions.
Follow the installation instructions in the README files included with the patch.
The fix can be obtained at the following locations: