Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling

Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses multiple jar packages which are vulnerable to CVE-2025-24970, CVE-2025-55163.

Summary IBM Maximo Application Suite - Monitor Component uses multiple jar packages which are vulnerable to CVE-2025-24970, CVE-2025-55163. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven...

Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Security Bulletin: Vulnerability in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an...

Security Bulletin: Netty SslHandler Vulnerability Leads to Native Crash via Crafted Packet

Summary Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which...

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in netty-handler (CVE-2025-24970)

Summary A vulnerability in Netty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version...

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.1 release

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

Atlassian Jira Service Management Data Center and Server 5.11.3 < 5.12.20 / < 5.12.22 / 5.13.x < 10.3.5 / 10.4.x < 10.6.0 (JSDSERVER-16207)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16207 advisory. - Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in netty-handler-4.1.100.Final.jar

Summary IBM Watson Discovery Cartridge contains a vulnerable version of netty-handler-4.1.100.Final.jar Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

Security Bulletin: IBM Maximo Application Suite -Iot Component uses netty-handler-4.1.114.Final.jar which is vulnerable to CVE-2025-24970.

Summary IBM Maximo Application Suite -Iot Component uses netty-handler-4.1.114.Final.jar which is vulnerable to CVE-2025-24970. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous,...

Security Bulletin: IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970.

Summary IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

Security Bulletin: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91, affects watsonx.data

Summary Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.21 (RHSA-2025:3465)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3465 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

Security Bulletin: There is a vulnerability in netty-handler-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-24970)

Summary There is a vulnerability in netty-handler-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in...

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.10 release and security update.

Red Hat Integration Camel K 1.10.10 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...