19 matches found

IBM Security Bulletins
added 2026/03/31 12:19 p.m., 10 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.4.0 Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION: Undici allows duplicate HTTP Content-Length headers when they...

CVSS 9.8, AI score 7.3, EPSS 0.0115
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2025/10/16 7:34 a.m., 6 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary d3-color and brace-expansion vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.3.0. Those libraries are used in the UI components of IBM Business Automation Manager Open Editions. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was fou...

CVSS 3.1, AI score 5.9, EPSS 0.00459
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/09/29 3:24 p.m., 4 views

Security Bulletin: Security vulnerability in IBM Business Automation Manager Open Editions in axios library.

Summary Vulnerable axios library was updated in IBM Business Automation Manager Open Editions 9.3.0. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to version 1.11.0 runs on Node.js and is given ...

CVSS 7.5, AI score 6.5, EPSS 0.01099
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/08/12 9:33 a.m., 19 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities were addressed in IBM Business Automation Manager Open Editions 8.0.8. Vulnerability Details CVEID:CVE-2025-53506 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that...

CVSS 9.1, AI score 9.7, EPSS 0.63258
Exploits: 4, Affected Software: 1

IBM Security Bulletins
added 2025/07/04 8:59 a.m., 11 views

Security Bulletin: Security vulnerabilities related to tomcat-embed-core library in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities related to tomcat-embed-core library were addressed in IBM Business Automation Manager Open Editions 9.2.1. Vulnerability Details CVEID:CVE-2025-49125 DESCRIPTION: Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using...

CVSS 7.5, AI score 7.7, EPSS 0.63258
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/06/30 11:10 p.m., 17 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities were addressed in IBM Business Automation Manager Open Editions 9.2.1. Vulnerability Details CVEID:CVE-2025-22150 DESCRIPTION: Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses Math.random to choos...

CVSS 8.7, AI score 8.2, EPSS 0.01674
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:58 a.m., 58 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...

CVSS 9.8, AI score 9.5, EPSS 0.36081
Exploits: 5, Affected Software: 1

IBM Security Bulletins
added 2025/04/09 2:41 p.m., 34 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7.

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an...

CVSS 9.8, AI score 9.5, EPSS 0.99019
Exploits: 27, Affected Software: 1

IBM Security Bulletins
added 2025/03/26 2:36 a.m., 47 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.1

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.1 Vulnerability Details CVEID:CVE-2022-21724 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC could allow a remote authenticated attack...

CVSS 9.8, AI score 9.4, EPSS 0.05664
Exploits: 9, Affected Software: 1

IBM Security Bulletins
added 2025/02/03 8:6 a.m., 31 views

Security Bulletin: Business Automation Manager Open Editions 8.0.5 - jgit vulnerability

Summary Business Automation Manager Open Editions in version 8.0.5 contains a vulnerability in jgit library, that is used as part of the release. For more information, please see the vulnerability description in the Vulnerability Details section. Vulnerability Details CVEID:CVE-2023-4759...

CVSS 8.8, AI score 7.3, EPSS 0.01884
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2024/09/30 4:4 p.m., 31 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1 Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service, caused by a...

CVSS 8.6, AI score 9.8, EPSS 0.8833
Exploits: 22, Affected Software: 1

IBM Security Bulletins
added 2024/07/01 3:0 p.m., 11 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0 Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitiv...

AI score 6.7
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2024/06/18 2:2 p.m., 60 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2 Vulnerability Details CVEID:CVE-2018-1000134 DESCRIPTION: Ping Identity UnboundID LDAP SDK could allow a remote attacker to...

CVSS 9.8, AI score 9.2, EPSS 0.91896
Exploits: 17, Affected Software: 1

IBM Security Bulletins
added 2024/06/18 2:1 p.m., 58 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.3

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.3 Vulnerability Details CVEID:CVE-2022-46364 DESCRIPTION: Apache CXF is vulnerable to server-side request forgery, caused by a fl...

CVSS 9.8, AI score 10, EPSS 0.99931
Exploits: 51, Affected Software: 1

IBM Security Bulletins
added 2024/04/30 6:52 p.m., 38 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5 Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitra...

CVSS 9.8, AI score 9.5, EPSS 0.99615
Exploits: 13, Affected Software: 1

IBM Security Bulletins
added 2023/11/29 8:20 p.m., 65 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.4-IF001

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.4-IF001. Vulnerability Details CVEID:CVE-2023-22025 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...

CVSS 8.1, AI score 9.5, EPSS 0.99999
Exploits: 49, Affected Software: 1

RedHat Linux
added 2023/11/29 6:13 p.m., 35 views

Important: Red Hat Security Advisory: Updated IBM Business Automation Manager Open Editions 8.0.4 SP1 Images

An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform. IBM Business Automation Manager Open Editions is an open source business process management suite that combines process management and decision service managemen...

CVSS 7.5, AI score 7.1, EPSS 0.99999
Exploits: 19, References: 3

IBM Security Bulletins
added 2023/11/16 3:21 p.m., 58 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.0.1

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.0.1. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain...

CVSS 9.8, AI score 9.1, EPSS 0.64509
Exploits: 8, Affected Software: 1

IBM Security Bulletins
added 2023/10/11 2:7 p.m., 40 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.4

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.4 Vulnerability Details CVEID:CVE-2023-20883 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial of service, caused b...

CVSS 8.1, AI score 8.1, EPSS 0.03514
Exploits: 2, Affected Software: 1