531 matches found
CVE-2025-13490
CVE-2025-13490 affects IBM App Connect Operator CD versions 11.3.0–11.6.0, 12.1.0–12.20.0 and 12.0 LTS 12.0.0–12.0.20, plus IBM App Connect Enterprise Certified Containers operands CD 12.0.11.2‑r1–12.0.12.5‑r1 and 13.0.1.0‑r1–13.0.6.1‑r1 (and 12.0 LTS 12.0.12‑r1–12.0.12‑r20). The vulnerability is...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.21 LTS and 12.21.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
PT-2026-22794
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality (CVE-2026-24398, CVE-2026-24472, CVE-2026-24473, CVE-2026-24771)
Summary Node.js module Hono is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to relative path traversal (CVE-2025-22873)
Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to relative path traversal due to use of Golang module "os". This bulletin provides patch information to address the reported vulnerability in Golang module "os" CVE-2025-22873 Vulnerability Details...
CVE-2025-13491 IBM App Connect Enterprise Certified Container Information Disclosure
IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...
CVE-2025-13491
IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.20 LTS and 12.20.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
PT-2026-6556
Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise Certified Container versions up to 12.19.0 Continuous Delivery IBM App Connect Enterprise Certified Container version 12.0 LTS Long Term Support Description The software may allow an attacker to access sensitive file...
RPP: A Certified Poisoned-Sample Detection Framework for Backdoor Attacks under Dataset Imbalance
Deep neural networks are highly susceptible to backdoor attacks, yet most defense methods to date rely on balanced data, overlooking the pervasive class imbalance in real-world scenarios that can amplify backdoor threats. This paper presents the first in-depth investigation of how the dataset...
Data Privacy Day: Inside the role of Data Protection Officer at Opera
Privacy Data Privacy Day: Inside the role of Data Protection Officer at Opera Share January 28th, 2026 Privacy matters all year round. But every January, Data Privacy Day is a great opportunity to learn more about data privacy and protection, and to highlight their importance for everyone in the...
RHEL 10 : java-21-ibm-semeru-certified-jdk (RHSA-2025:22672)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22672 advisory. The IBM Semeru Runtime Certified Edition 21 runtime environment. Security Fixes: openjdk: Enhance Path Factories Oracle CPU 2025-10...
Moderate: Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk security update
An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.0 Extended Update Support and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score,...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2025-64118]
Summary Node.js module tar is used by IBM App Connect Enterprise Certified Container for handling archives files and data. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2025-48924]
Summary Apache Commons Lang is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address the...
Security Bulletin: IBM App Connect Enterprise Certified Container operator and DesignerAuthoring operands are vulnerable to loss of integrity [CVE-2025-47907]
Summary IBM App Connect Enterprise Certified Container operator and DesignerAuthoring operands are vulnerable to loss of integrity due to a vulnerability in the Golang module database/sql. This bulletin provides patch information to address the reported vulnerability in database/sql. CVE-2025-479...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality [CVE-2025-1993]
Summary IBM App Connect Enterprise Certified Container DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user. This bulletin provides patch information to address the vulnerability in I...
Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics Advanced Certified Containers
Summary Multiple vulnerabilities were addressed in IBM Planning Analytics Advanced Certified Containers 3.1.2. Vulnerability Details CVEID:CVE-2025-23166 DESCRIPTION: The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a...
CVE-2025-33150
IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages...
EUVD-2025-50805
IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages...