Security Bulletin: Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool Impact version 7.1.0.37 Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop...

GHSA-H5FG-JPGR-RV9C vulnerabilities

Vulnerabilities for packages: strimzi-kafka-operator, keycloak, apache-pulsar...

CVE-2025-11966 vulnerabilities

Vulnerabilities for packages: strimzi-kafka-operator, keycloak, apache-pulsar...

GHSA-45P5-V273-3QQR vulnerabilities

Vulnerabilities for packages: strimzi-kafka-operator, keycloak, apache-pulsar...

CVE-2025-11965 vulnerabilities

Vulnerabilities for packages: strimzi-kafka-operator, keycloak, apache-pulsar...

CVE-2025-11966 vulnerabilities

Vulnerabilities for packages: apache-pulsar, strimzi-kafka-operator, keycloak, keycloak-fips...

CVE-2025-11965 vulnerabilities

Vulnerabilities for packages: apache-pulsar, strimzi-kafka-operator, keycloak, keycloak-fips...

GHSA-H5FG-JPGR-RV9C vulnerabilities

Vulnerabilities for packages: apache-pulsar, strimzi-kafka-operator, keycloak, keycloak-fips...

GHSA-45P5-V273-3QQR vulnerabilities

Vulnerabilities for packages: apache-pulsar, strimzi-kafka-operator, keycloak, keycloak-fips...

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Apache Commons (CVE-2025-48734)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-48734 of Improper Access Control in Apache Commons. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version...

Security Bulletin: Improper Access Control vulnerability in Apache Commons BeanUtils library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-48734)

Summary Apache Commons BeanUtils library is used by Tivoli Netcool/OMNIbus WebGUI as part of Filter builder, View builder and Tool admin component. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was...

Security Bulletin: Uncontrolled Recursion vulnerability in Apache Commons Lang library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-48924)

Summary Apache Commons Lang library is used by Tivoli Netcool/OMNIbus WebGUI as part of Filter builder, View builder, Tool admin, Menu admin and Event Viewer Preferences component. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang...

Security Bulletin: DoS vulnerability in Apache Commons FileUpload library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-48976)

Summary Apache Commons FileUpload library is used by Tivoli Netcool/OMNIbus WebGUI as part of Map Resources admin component. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

PT-2025-43748

CVE-2025-62833 - Apache HTTP Server Cross-Site Request Forgery CSRF CVE ID : CVE-2025-62833 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline,...

PT-2025-43749

CVE-2025-62834 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-62834 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-43743

CVE-2025-62829 - Apache HTTP Server SQL Injection CVE ID : CVE-2025-62829 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-43745

CVE-2025-62831 - Apache HTTP Server Information Disclosure CVE ID : CVE-2025-62831 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-43744

CVE-2025-62830 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-62830 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-43746

CVE-2025-62832 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-62832 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-43750

CVE-2025-62835 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-62835 Published : Oct. 24, 2025, 3:15 a.m. | 4 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...