Security Bulletin: Multiple security vulnerabilities in IBM SDK, Java Technology Edition affects IBM OpenPages

Summary IBM® SDK, Java™ Technology Edition is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM SDK, Java Technology Edition has been published in multiple security bulletins. These products have addressed the applicable CVEs. For a complet...

Security Bulletin: Multiple security vulnerabilities affect IBM Db2 Database Server shipped with IBM OpenPages

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM OpenPages with Watson has addressed multiple vulnerabilities from CKEditor (CVE-2022-24728, CVE-2022-24729)

Summary CKEditor open source library used by IBM OpenPages with Watson. CKEditor reported multiple vulnerabilities. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-24729 DESCRIPTION: CKEditor is vulnerable to a denial of service, caused by a regular expression deni...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to jQuery cross-site scripting (CVE-2020-11022, CVE-2020-11023)

Summary There is a vulnerability in the jQuery OpenSource library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2020-11022 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of...

Security Bulletin: Multiple security vulnerabilities Affect IBM Db2 Database Server shipped with IBM OpenPages

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to FasterXML jackson-databind [CVE-2022-42003, CVE-2022-42004]

Summary FasterXML jackson-databind is used by IBM OpenPages for IBM Cloud Pak for Data. Several vulnerabilities in this component have been addressed. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a che...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to JetBrains Kotlin weak security [CVE-2022-24329]

Summary There is a vulnerability in the JetBrains Kotlin open source library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-24329 DESCRIPTION: JetBrains Kotlin could provide weaker than expected security, caused by...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to JCommander [X-Force ID: 221124]

Summary There is a vulnerability in the JCommander open source library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. X-Force ID: 221124 Vulnerability Details IBM X-Force ID: 221124 DESCRIPTION: JCommander could allow a remote attacker to obtain sensitive...

Security Bulletin: Multiple VMWare Tanzu Spring Vulerabilities Affects IBM OpenPages with Watson (CVE-2022-22968, CVE-2022-22970, CVE-2022-22971)

Summary Spring Framework open source library is used by IBM OpenPages with Watson. Multiple vulnerabilties are being disclosed from Spring Framework within this bulletin. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2022-22968 DESCRIPTION: Spring Framework could provide...

Security Bulletin: A VMWare Tanzu Spring Vulerability Affects IBM OpenPages with Watson (CVE-2022-22950)

Summary There is a vulnerability in the Spring Framework open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages application server. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-22950 DESCRIPTION: VMware Tanzu Spring Framework is...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to Spring Web Unsafe Deserialization [CVE-2016-1000027]

Summary There is a vulnerability in the Spring Web open source library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. CVE-2016-1000027 Vulnerability Details CVEID:CVE-2016-1000027 DESCRIPTION: Pivota Spring Framework could allow a remote attacker to execu...

Security Bulletin: IBM OpenPages with Watson has addressed a IBM SDK, Java Technology Edition (CVE-2023-30441)

Summary IBM OpenPages with Watson has addressed sensitive information exposure vulnerability caused by CVE-2023-30441. There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM OpenPages with Watson. The CVEs listed in this document might affect some configuratio...

Security Bulletin: IBM OpenPages with Watson is Vulnerable to Guava Denial of Service Error (CVE-2018-10237)

Summary Guava is an internal component of IBM OpenPages with Watson. Guava deniel of service vulnerability has been addressed. Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the...

Security Bulletin: OpenPages with Watson has addressed Node.js vulnerability (CVE-2022-32213)

Summary Node.js is not used by IBM OpenPages with Watson core product however it is used by the installer server and agents components. A HTTP request smuggling vulnerability in Node.js is addressed within OpenPages with Watson. Vulnerability Details CVEID:CVE-2022-32213 DESCRIPTION: Node.js is...

Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2022-23307).

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. This vulnerability has been addressed. CVE-2022-23307. Vulnerability Details CVEID:CVE-2022-23307 DESCRIPTION: Apache Log4j could allow a...

Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2022-23305)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2022-23305 DESCRIPTION: Apache Log4j is vulnerable to SQL injection...

Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2022-23302)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2022-23302 DESCRIPTION: Apache Log4j could allow a remote...

Security Bulletin: Multiple Security Vulnerabilties have been identified in IBM WebSphere Application Server shipped with IBM OpenPages with Watson (CVE-2021-4104, CVE-2021-45046)

Summary IBM WebSphere Application Server is shipped as a component of IBM OpenPages with Watson. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Multiple Security Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM OpenPages with Watson (CVE-2021-45105, CVE-2021-44832)

Summary IBM WebSphere Application Server is shipped as a component of IBM OpenPages with Watson. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2021-44832)

Summary There is a security vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This impacts the IBM OpenPages logging framework. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44832 DESCRIPTION: Apache Log4j could allow a remote...