37 matches found
Security Bulletin: IBM Maximo Application Suite - Manage component uses softwares IBM WebSphere Liberty Server 25.0.0.2 and IBM DB2 version 11.5.9 which is vulnerable to CVE-2025-25193, CVE-2024-52894
Summary IBM Maximo Application Suite - Manage component uses softwares IBM WebSphere Liberty Server 25.0.0.2 and IBM DB2 version 11.5.9 which is vulnerable to CVE-2025-25193, CVE-2024-52894. This security bulletine contains details of affected and remediated versions of the same. Vulnerability...
Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to multiple CVEs
Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to CVE-2025-36097, CVE-2025-7783, CVE-2025-25193, CVE-2025-47278, CVE-2025-23184, CVE-2025-22872 and CVE-2024-56339...
Security Bulletin: Due to use of IBM WebSphere Application Server Liberty, IBM Tivoli Application Dependency Discovery Manager is vulnerable to disclosure of information.
Summary IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty CVE-2024-47535CVE-2025-25193 Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high...
Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an...
Security Bulletin: Multiple security vulnerabilities in WebSphere Liberty may affect IBM Business Automation Workflow - CVE-2025-25193, CVE-2025-23184
Summary IBM Business Automation Workflow traditional includes optional components running on WebSphere Liberty: User Management Service and Process Federation Service. IBM Business Automation Workflow on Containers builds upon WebSphere Liberty. Multiple security vulnerabilies have been reported...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-25193)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in netty-common-4.1.115.Final.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of netty-common-4.1.115.Final.jar Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. ...
Security Bulletin: Multiple Vulnerabilities in IBM Event Streams
Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.8.1. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU...
Security Bulletin: Denial of service vulnerability in IBM WebSphere Application Server Liberty affects IBM Storage Protect Operations Center (CVE-2025-25193).
Summary IBM Storage Protect Operations Center is affected by denial of service due to Netty used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions...
Security Bulletin: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118 (CVE-2025-25193) affects IBM PowerVM Novalink.
Summary Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load ...
Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities
Summary IBM Data Product Hub has a dependency on IBM WebSphere Application Server Liberty, which is vulnerable. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability i...
Security Bulletin: IBM Asset Data Dictionary uses netty-common-4.1.115.Final.jar which is vulnerable to CVE-2025-25193.
Summary IBM Asset Data Dictionary uses netty-common-4.1.115.Final.jar which is vulnerable to CVE-2025-25193. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to to a denial of service due to Netty in IBM WebSphere Application Server Liberty CVE-2025-25193
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to to a denial of service due to Netty in IBM WebSphere Application Server Liberty CVE-2025-25193. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-25193...
Security Bulletin: There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-25193)
Summary There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up ...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to netty-common-4.1.117.Final.jar CVE-2025-25193
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to netty-common-4.1.117.Final.jar CVE-2025-25193. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...
Security Bulletin: IBM Maximo Application Suite - IoT uses netty-common-4.1.114.Final.jar which is vulnerable to CVE-2025-25193.
Summary IBM Maximo Application Suite - IoT uses netty-common-4.1.114.Final.jar which is vulnerable to CVE-2025-25193. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven networ...
RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.21 (RHSA-2025:3465)
The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3465 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.21 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...