EUVD-2022-43535

Malicious code in bioql PyPI...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use the MQ clients and CCDT files are vulnerable to denial of service due to [CVE-2023-38039]

Summary Libcurl is used by the MQ Client code in IBM App Connect Enterprise Certified Container for downloading CCDT information. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use the MQ clients and CCDT files are vulnerable to denial of...

Security Bulletin: IBM MQ is affected by a denial of service vulnerability due to an error within the CCDT and channel synchronization logic (CVE-2022-40237)

Summary An issue was identifed within the MQ channel processing when a channel CCDT file contains invalid or corrupted records. Vulnerability Details CVEID:CVE-2022-40237 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization...

CVE-2022-40237

IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. IBM X-Force ID: 235727...

CVE-2022-40237

IBM MQ for HPE NonStop 8.1.0 is affected by a denial-of-service vulnerability (CVE-2022-40237) caused by an error in the CCDT and channel synchronization logic. IBM’s bulletin (APAR IT43171) fixes this issue for the 8.1 line (8.1.0.12) and related 9.x LTS/CD lines with corresponding updates; reme...

PT-2023-13778 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ for HPE NonStop version 8.1.0 Description: The issue is related to a denial of service attack due to an error within the CCDT and channel synchronization logic. Recommendations: For IBM MQ for HPE NonStop version 8.1.0, at the moment,...

Security Bulletin: IBM MQ for HPE NonStop Server is affected by channel CCDT vulnerability CVE-2022-40237

Summary An issue was identifed within the MQ channel processing when a channel CCDT file contains invalid or corrupted records. Vulnerability Details CVEID:CVE-2022-40237 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack due to an error within the CCDT and channel synconization logi...

Security Bulletin: IBM MQ is affected by a vulnerability within cURL libcurl (CVE-2019-15601)

Summary An issue was identified within the libcurl library supplied by IBM MQ which is used for CCDT URL functionality. Vulnerability Details CVEID: CVE-2019-15601 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper input validation. By...

Heap overflow

Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table CCDT file...