Security Bulletin: A security vulnerability in NGINX ffects IBM Cloud Automation Manager

Summary A security vulnerability in NGINX ffects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-3618 DESCRIPTION: Sendmail, vsftpd and NGINX could provide weaker than expected security, caused by an ALPACA application layer protocol content confusion attack, which exploits TL...

Security Bulletin: A security vulnerability in Golang Go affects IBM Cloud Automation Manager

Summary A security vulnerability in Golang Go affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an X.509 certificate matches the...

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploi...

Security Bulletin: A security vulnerability in Node.js xmlhttprequest-ssl module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js xmlhttprequest-ssl module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2020-28502 DESCRIPTION: Node.js xmlhttprequest and xmlhttprequest-ssl modules could allow a remote attacker to execute arbitrary code on the system, caused ...

Security Bulletin: A security vulnerability in Golang GO affects IBM Cloud Automation Manager

Summary A security vulnerability in Golang GO affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-31525 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header to ReadRequest or ReadResponse. Server,...

Security Bulletin: SmartCloud Provisioning - Django vulnerabilities reported in May 2014 X-Force Report

Summary SmartCloud Provisioning - Django vulnerabilities reported in May 2014 X-Force Report CVE-2014-1418, CVE-2014-3730. Vulnerability Details SmartCloud Provisioning 2.3 is shipped with Open Source Django. Securities vulnerabilities have been discovered in Django, which affect SmartCloud...

CVE-2013-6729

Cross-site scripting XSS vulnerability in IBM QuickFile 1.0.0.0 before iFix 4 and 1.1.0.1 before iFix 3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...