Security Bulletin: Due to use of spring-security-web-6.5.8.jar, IBM Sterling Connect:Direct Web Services is affected by missing HTTP header in response issue.

Summary spring-security-web-6.5.8.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22732. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP...