1007 matches found
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Businsess Automation Workflow (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171,CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...
CVE-2026-13449
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2026-13449 XXE attack in IBM Business Automation Manager Open Editions
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-13449 DESCRIPTION: IBM Business Automation Manager Open Editions is vulnerable t...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...
PT-2026-53970
Name of the Vulnerable Software and Affected Versions IBM Business Automation Manager Open Editions versions 9.0.0 through 9.4.2 Description An XML external entity injection XXE occurs when processing XML data. This allows a remote attacker to expose sensitive information or consume memory...
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383, CVE-2026-11541, CVE-2026-11536)
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18.0 shipped with IBM Cloud Pak for Business Automation iFixes for June 2026
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation June 2026 security fixes update this dependency beyond 4.18.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a CL...
Security Bulletin: Multiple Security vulnerabilities have been identified in IBM WebSphere Application Server traditional, WebSphere Liberty profile, IBM HTTP Server its WebSphere plugins shipped with IBM Business Automation Workflow
Summary WebSphere Application Server traditional and WebSphere Application Server Liberty profile are shipped as a component of IBM Business Automation Workflow. Optional IBM HTTP Server and relating WebSphere plugins are included with WebSphere. Information about security vulnerabilities affecti...
CVE-2026-1248
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
Security Bulletin: Vulnerability in jackson-core-2.15.2.jar
Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow
Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...
Security Bulletin: Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2026-9311, CVE-2026-9330, CVE-2026-9319, CVE-2026-8644)
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in security bulletins. Vulnerability Details Refer to the security bulletins...
Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for May 2026.
Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF005. These vulnerabilities have been also adressed in 24.0.0-IF007, 24.0.1-IF007 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a...
Security Bulletin: Multiple security vulnerabilities addressed with IBM Business Automation Workflow cumulative fixes May 2026
Summary In addition to updating many operating system level packages, the following security vulnerabilities are addressed with IBM Business Automation Workflow cumulative fixes. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and...
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.6.21 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.6.21 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a C...
CVE-2026-1248
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
EUVD-2026-32521
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
CVE-2026-1248
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
PT-2026-43995
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...