Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js affects IBM Cloud Automation Manager. Vulnerability Details CVEID:CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit th...

Security Bulletin: IBM QuickFile is affected by vulnerabilities that exist in the IBM Java SDK.

Abstract IBM QuickFile uses IBM Java SDK. Multiple security vulnerabilities exist in the IBM Java SDK version this is shipped with the IBM QuickFile. Content The IBM QuickFile is shipped with an IBM Java SDK which is based on the Oracle SDK. Oracle has released a critical patch update CPU which...

Security Bulletin: IBM API Connect is affected by sensitive information leakage in LoopBack (CVE-2019-4382)

Summary API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4382 DESCRIPTION: IBM API Connect could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. CVSS Base Score: 5.3 CVSS Temporal...

Security Bulletin: API Connect V5 is vulnerable to CSRF attacks (CVE-2018-1858)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1858 DESCRIPTION: IBM API Connect V5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the...