8 matches found
Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.
Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF005 and 25.0.0-IF002. These vulnerabilities have been also addressed in 24.0.1-IF005. Vulnerability Details CVEID:CVE-2025-36091 DESCRIPTION: IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and...
Fedora: Security Advisory (FEDORA-2025-ffaf646c29)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in dompurify-3.2.5.tgz
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in dompurify-3.2.5.tgz Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale and the Management GUI are now included (CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864)
Summary The following vulnerabilities that can affect IBM Storage Scale and the Management GUI and could provide weaker than expected security are now fixed CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.0.2
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.2 Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a...
Fedora: Security Advisory (FEDORA-2025-d636dbcc45)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to dompurify-3.2.4.tgz, dompurify-3.2.5.tgz CVE-2025-48050
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to dompurify-3.2.4.tgz, dompurify-3.2.5.tgz CVE-2025-48050. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before...
CVE-2025-48050
In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory. NOTE: the Supplier disputes the significance of this report because the "Uncontrolled data used in path expression" occurs "in a development helper script...