Security Bulletin: Multiple vulnerabilities within OpenSSL and Node.js affect IBM App Connect Enterprise and IBM Integration Bus

Summary IBM App Connect Enterprise and IBM Integration Bus are vulnerable to denial of service and remote attack due to OpenSSL and Node.js. CVE-2022-4450, CVE-2023-0216 & CVE-2023-0401, CVE-2022-4203, CVE-2023-0217, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286 & CVE-2022-25881. The fix includes...

Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.10 and earlier

Summary This fix upgrades to nodejs 14.21.3. Vulnerability Details CVEID:CVE-2023-23918 DESCRIPTION: Node.js could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when enable the experimental permissions option with --experimental-policy. By sending a...

PT-2023-2765 · Node.Js +10 · Node.Js +10

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 19.6.1 Node.js versions prior to 18.14.1 Node.js versions prior to 16.19.1 Node.js versions prior to 14.21.3 Description: An untrusted search path issue exists that could allow an attacker to search and potentially...