CVE-2025-1142 IBM Edge Application Manager server-side request forgery

IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

Security Bulletin: IBM Edge Application Manager 4.5.2 addresses the security vulnerabilities listed in the CVEs below.

Summary IBM Edge Application Manager 4.5.2 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the new...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-15112 DESCRIPTION: etcd is vulnerable to a denial of service, caused by a flaw in the ReadAll method in wal/wal.go. By sending a specially crafted data, a remote authenticated attacker...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2019-6283 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthesescope in prelexer.hpp. By persuading a victim to open ...