19 matches found
Security Bulletin: IBM WebSphere Application Server is affected by a denial of service by IBM Master Data Management (CVE-2025-36097)
Summary IBM Master Data Management version 11.6, 12.0 and 14.0 are impacted by vulnerability in WebSphere Application Server which could create a denial of service caused by a stack-based overflow. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and...
Security Bulletin: Vulnerability in IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component...
Security Bulletin: Security vulnerabilities have been discovered in IBM Verify Identity Access and IBM Security Verify Access
Summary Security vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate differe...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097
Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to multiple CVEs
Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to CVE-2025-36097, CVE-2025-7783, CVE-2025-25193, CVE-2025-47278, CVE-2025-23184, CVE-2025-22872 and CVE-2024-56339...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by a denial of service due to JSON-P Java API
Summary JSON-P java api is used by IBM Operations Analytics - Log Analysis as part of converting plain Java objects to and from JSON data in WebSphere Application Server Liberty. CVE-2025-36097. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and...
Security Bulletin: Vulnerabilities in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard (CVE-2025-36097 and CVE-2024-56339)
Summary There are vulnerabilities in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard CVE-2025-36097 and CVE-2024-56339. An update to IBM CICS TX Standard has been released to address these. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9....
Security Bulletin: Vulnerabilities in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms (CVE-2025-36097 and CVE-2024-56339).
Summary There are vulnerabilities in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms CVE-2025-36097 and CVE-2024-56339. An update to IBM TXSeries for Multiplatforms has been released to address these. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere...
Security Bulletin: The IBM Engineering Test Management product using WebSphere Application Server is affected by a denial of service with glassfish jsonp (CVE-2025-36097)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service. This affects WebSphere Liberty with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. It has been addressed in this bulletin. Vulnerability Details Refer to the security...
Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server Liberty is affected by a denial of service in glassfish jsonp (CVE-2025-36097)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service. This affects WebSphere Liberty with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attac...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition
Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager version 4.2. Information about multiple security vulnerabilities affecting IBM WebSphere Application Server have been addressed CVE-2025-36097,CVE-2024-56339 Vulnerability Details Refer to the security...
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service (CVE-2025-36097)
Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with WebSphere Remote Server, are affected by a denial of service (CVE-2025-36097)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed WebSphere Application Server is affected by a denial of service with glassfish jsonp (CVE-2025-36097)
Summary WebSphere Application Server is included as part of IBM Tivoli Composite Application Manager for Application Diagnostics and has affected by a denial of service with glassfish jsonp CVE-2025-36097 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...
CVE-2025-36097
IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources...
IBM WebSphere Application Server 9.x < 9.0.5.25 / Liberty 17.0.0.3 < 25.0.0.8 DoS (7239856)
The version of IBM WebSphere Application Server running on the remote host is affected by a DoS vulnerability as referenced in the 7239856 advisory. - IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service,...
CVE-2025-36097
CVE-2025-36097 affects IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7. The issue is a stack-based overflow in the server when processing specially crafted requests, leading to denial of service by consuming memory resources. The vulnerabili...
CVE-2025-36097 IBM WebSphere Application Server denial of service
IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources...
CVE-2025-36097
creationtimestamp| type| source ---|---|--- 2025-07-16 16:25:05+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lu3texeaya2b 2025-07-16 16:40:05+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lu3u7rkyfj27 2025-07-16 16:50:04+00:00| seen|...