6 matches found
GHSA-FV25-8XCX-GQJC Apache Tomcat - WebSocket authentication header exposure
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.2 to 9.0.117 Older, unsupported versions may also be affected Description: If a WebSocket request was redirected after authentication, Tomcat's WebSocket client would present the most recent...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of yaml JavaScript library
Summary Due to use of the yaml JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the DOMPurify library
Summary Due to the use of the DOMPurify library, DevOps Test Performance and Rational Performance Tester contain a cross-site scripting XSS vulnerability CVE-2025-15599, CVE-2026-0540 Vulnerability Details CVEID:CVE-2025-15599 DESCRIPTION: DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8...
Security Bulletin: IBM Event Endpoint Management is vulnerable to command injection vulnerability (CVE-2025-64756)
Summary IBM Event Endpoint Management is vulnerable to command injection vulnerability due to Glob matches files. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob...
Apache Tomcat Session Fixation vulnerability
Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 ...
PT-2019-16954 · Ibm · Ibm Cognos Analytics
Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.0 through 11.1 Description: The issue allows a remote user to send specially crafted requests that could consume all available CPU and memory resources, resulting in a denial of service attack. Recommendations...