42 matches found
Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Performance Server
Summary GNU Binutils is used by IBM Netezza Performance Server. IBM Netezza Performance Server has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-48063 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by an excessive memory consumption vulnerability in t...
Security Bulletin: There are multiple vulnerabilities that affect CICS Transaction Gateway Desktop Edition (CVE-2023-50310 and CVE-2023-50311).
Summary There are multiple vulnerabilities that affect CICS Transaction Gateway Desktop Edition. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-50311 DESCRIPTION: IBM CICS Transaction Gateway could...
Security Bulletin: Due to the use of jackson-databind, IBM CICS Transaction Gateway for Multiplatforms is vulnerable to a denial of service (CVE-2023-35116).
Summary There is a vulnerability in jackson-databind which is shipped as part of IBM CICS Transaction Gateway for Multiplatforms. An update to IBM CICS Transaction Gateway for Multiplatforms has been released to address the vulnerability. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION:...
Security Bulletin: "Incorrect/Missing Security Headers" affects IBM CICS TX Advanced 10.1.
Summary "Cookie with Insecure, Improper or Missing SameSite attribute" vulnerability affects IBM CICS TX Advanced 10.1. IBM CICS TX Advanced has addressed the applicable vulnerability. Vulnerability Details CVEID:CVE-2023-38363 DESCRIPTION: IBM CICS TX Advanced does not set the secure attribute o...
Security Bulletin: CVE-2023-38737 may affect IBM WebSphere Liberty shipped with IBM TXSeries for Multiplatforms
Summary CVE-2023-38737 may affect IBM WebSphere Liberty shipped with IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the applicable vulnerability. Vulnerability Details CVEID: CVE-2023-38737 DESCRIPTION: IBM WebSphere Application Server Liberty 22.0.0.13 through...
Security Bulletin: CVE-2022-40609 may affect IBM Java shipped with IBM TXSeries for Multiplatforms
Summary CVE-2022-40609 may affect IBM Java shipped with IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to...
Security Bulletin: Multiple vulnerabilities may affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.
Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix updates the Java Runtime Environment to resolve the following vulnerabilities. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java...
Security Bulletin: CVE-2023-0465 may affect IBM CICS TX Advanced 10.1
Summary CVE-2023-0465 may affect IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable vulnerabilities. Vulnerability Details CVEID:CVE-2023-0465 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw when using a non-defau...
Security Bulletin: IBM Sterling Global Mailbox is vulnerable to sensitive data exposure due to Apache CXF (CVE-2022-46363)
Summary A security vulnerability has been identified and addressed in Apache CXF shipped with IBM Sterling Global Mailbox. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is...
Security Bulletin: IBM Sterling Global Mailbox is vulnerable to arbitrary command execution due to com.ibm.ws.org.apache.commons.collections (CVE-2015-7501)
Summary A security vulnerability has been identified and addressed in com.ibm.ws.org.apache.commons.collections.3.2.1-1.0.9.jar shipped with IBM Sterling Global Mailbox. Vulnerability Details CVEID:CVE-2015-7501 DESCRIPTION: Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid...
Security Bulletin: CVE-2023-32342 may affect GSKit shipped with IBM CICS TX Standard
Summary CVE-2023-32342 may affect GSKit shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel ...
Security Bulletin: CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Advanced
Summary CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by a stack-based...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.
Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Jan 2023, App Connect Professional have addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21830...
Security Bulletin: CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard
Summary CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow ...
Security Bulletin: CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced
Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the...
Security Bulletin: CVE-2023-0464 may affect IBM CICS TX Advanced 10.1
Summary CVE-2023-0464 may affect IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-0464 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains...
Security Bulletin: "Administration Console can be switched to debug mode" may affect IBM CICS TX Standard
Summary "Administration Console can be switched to debug mode" may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-33848 DESCRIPTION: IBM CICS TX could allow a privileged user to obtain highly sensitive information by enabli...
Security Bulletin: "Reflected Cross Site Scripting" may affect IBM CICS TX Standard
Summary "Reflected Cross Site Scripting" may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-33846 DESCRIPTION: IBM CICS TX is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...
Security Bulletin: CVE-2023-24536, CVE-2023-24537 and CVE-2023-24534 may affect IBM CICS TX Standard
Summary CVE-2023-24536, CVE-2023-24537, CVE-2023-24534 may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-24536 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw during multipart form parsing. By...
Security Bulletin: CVE-2023-24998 may affect IBM CICS TX Advanced
Summary CVE-2023-24998 may affect IBM WebSphere Application Server Liberty supplied with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service,...