Security Bulletin: ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is used by the WebSphere Application Server bundled with Rational Application Developer Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this...

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Summary Multiple Node.js vulnerabilities has been discovered that affects the Cordova platform packaged with Rational Application Developer Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software (CVE-2016-3508, CVE-2016-3500, CVE-2016-3458, CVE-2016-3485)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. Vulnerability Details CVEID: CVE-2016-3508 DESCRIPTION: An unspecified vulnerability in Oracle Java SE Java SE Embedded and...

Security Bulletin: A vulnerability affects the Cordova platform packaged with Rational Application Developer (CVE-2015-8320)

Summary A vulnerability has been discovered that affects the Cordova platform packaged with Rational Application Developer. Vulnerability Details CVEID: CVE-2015-8320 DESCRIPTION: Apache Cordova Android could allow a remote attacker to bypass security restrictions, caused by weak randomization of...

Security Bulletin: Multiple vulnerabilities in the IBM SDK for Node.js affect the Cordova tools in IBM Rational Application Developer (CVE-2016-2086, CVE-2016-2216, CVE-2015-3197)

Summary Security vulnerabilities have been discovered in the IBM SDK for Node.js used by the Cordova platform packaged in IBM Rational Application Developer. Vulnerability Details CVEID: CVE-2016-2086 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the improper handling of...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details CVEID: CVE-2017-3511...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. These issues were disclosed as part of the IBM Java SDK updates in October 2017 and January 2018. Vulnerability Details...

Security Bulletin: Denial of Service with WebSphere Application Server affecting Rational Application Developer (CVE-2014-0964)

Summary There is a potential denial of service with IBM WebSphere Application Server 6.0.2 and 6.1 that affects versions of WebSphere Application Server used with IBM Rational Application Developer. Vulnerability Details | Subscribe to My Notifications to be notified of important product support...

Security Bulletin: Multiple vulnerabilities affecting the Cordova platform packaged with Rational Application Developer (CVE-2014-3500, CVE-2014-3501 and CVE-2014-3502)

Summary Multiple vulnerabilities have been discovered that affect the Cordova platform packaged with Rational Application Developer. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires...

Security Bulletin: Rational Application Developer is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login with...

Security Bulletin: Multiple OpenSSL and Non-OpenSSL vulnerabilities in Node.js included in Rational Application Developer for WebSphere Software

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs, plus three additional vulnerabilities unrelated to the OpenSSL release. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. These issues were disclosed as part of the IBM Java SDK updates in January 2017 and October 2016. Vulnerability Details...

Security Bulletin: Vulnerabilities in OpenSSL affects Rational Application Developer for WebSphere Software

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Application Developer for WebSphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenS...

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-4263)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 5, 6, and 7 that is used by Rational Application Developer for WebSphere. This issue was disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details | Subscribe to My Notifications to be notified o...

Security Bulletin: Security vulnerability with Eclipse Git Team Provider affects Rational Application Developer (CVE-2014-9390)

Summary This vulnerability affects users on Windows and Mac OS X but not typical UNIX users. Even though the issue may not affect Linux users, if you are a hosting service whose users may fetch from your service to Windows or Mac OS X machines, you are strongly encouraged to update to protect suc...

Security Bulletin: Weaker than expected security with Liberty Repository affecting Rational Application Developer for WebSphere Software (CVE-2014-4767)

Summary The WebSphere Application Server Liberty profile could provide weaker than expected security when installing features via the Liberty Repository. A remote attacker could exploit this vulnerability using a man-in-the-middle technique to cause the installation of malicious code. Vulnerabili...

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-0453)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 5, 6, and 7 that is used by Rational Application Developer for WebSphere. This issue was disclosed as part of the IBM Java SDK updates in April 2014. Vulnerability Details | Subscribe to My Notifications to be notified ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Application Developer for WebSphere (CVE-2014-3566, CVE-2014-3065, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, and 7 that are used by Rational Application Developer. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part ...

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-4000, CVE-2015-1793)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect Rational Application Developer for WebSphere Software. This includes the Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. This also includes the alternate chains...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Application Developer for WebSphere (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Application Developer for WebSphere Software Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caus...