454 matches found
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins
Summary The security issue described in CVE-2022-39161 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console
Summary The security issue described in CVE-2023-24966 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to a denial of service due to Apache Commons FileUpload
Summary The security issue described in CVE-2023-24998 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: Multiple vulnerabilities in IBM Java XML affect IBM Tivoli System Automation Application Manager deferred from Oracle Apr 2022 CPU (CVE-2022-21426)
Summary A flaw in the XML component of IBM Java Technology Edition used by IBM Tivoli System Automation Application Manager has been identified. These issues were disclosed as part of the IBM Java SDK updates in Apr 2022. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager - Includes Oracle January 2023 CPU (CVE-2023-21830, CVE-2023-21843)
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in January 2023. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: IBM Edge Application Manager has a vulnerability listed in CVE 2023-28154. IBM has addressed this vulnerability.
Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in CVE 2023-28154. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the magic comment feature by the...
Security Bulletin: IBM Edge Application Manager 4.5.1 addresses multiple security vulnerabilities
Summary IBM Edge Application Manager 4.5.1 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...
Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.
Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2022-1996 DESCRIPTION: go-restful could allow a remote attacker to bypass security restrictions, caused by improper regular expression implementation in the CORS...
Security Bulletin: IBM Edge Application Manager is vulnerable to an Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') due to Node.js ejs
Summary IBM Edge Application Manager 4.5 addresses the vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2022-29078 DESCRIPTION: Node.js ejs module could allow a remote attacker to execute arbitrary code on the system, caused by a server-side template injection flaw in...
Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities
Summary IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-23436 DESCRIPTION: Node.js immer module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw...
Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.
Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of objec...
Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.
Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2021-42740 DESCRIPTION: Node.js shell-quote module could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw with windows drive...
Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities
Summary IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions,...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the interpolateName function in...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-31030 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33587 DESCRIPTION: An unspecified error related to the failure to ensure that attribute parsing has Linear Time Complexity in Node.js css-what module has an unknown impact and attack...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-7774 DESCRIPTION: Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, ...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33502 DESCRIPTION: Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS regular expression denial of service flaw in the data URLs. By using a...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-25851 DESCRIPTION: Node.js jpeg-js module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploi...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw with the supplementary groups are not set up properly. By...