Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.30 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are...

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.29 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and i...

EUVD-2011-1050

Malware in sbrugna...

EUVD-2011-3354

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.28 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-38286 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from...

CVE-2011-1034

Cross-site scripting XSS vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program. NOTE: some of these details are obtained from third party information...

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)

Summary IBM Rational Build Forge version 8.0.x is affected by CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452 Vulnerability Details CVEID:CVE-2021-31618 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of...

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with modrewrite in server/vhost context. By sending a specially crafte...

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.26 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-21733 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the leaking of unrelated request bodies in default error page. By sending a...

Security Bulletin: IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities

Summary IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities Vulnerability Details CVEID:CVE-2023-42794 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by accumulation of temporary files on Windows when a web application opened a stream for an uploaded file...

Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache Tomcat Server

Summary Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache Tomcat Server Vulnerability Details CVEID:CVE-2023-28708 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the missing of secure...

Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache HTTP Server

Summary IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache HTTP Server Vulnerability Details CVEID:CVE-2023-27522 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header b...

Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating IBMJDK

Summary IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating IBMJDK Vulnerability Details CVEID: CVE-2022-21299 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service...

Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating OpenSSL

Summary IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating OpenSSL Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation...

Security Bulletin: IBM Rational Build Forge is vulnerable to a denial of service due to the use of Apache HTTP server (CVE-2022-29404).

Summary Apache HTTP server is used by IBM Rational Build Forge. This fix includes Apache Http Server 2.4.54 Vulnerability Details CVEID:CVE-2022-29404 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by no default limit on possible input size. By sending a specially...

Security Bulletin: IBM Rational Build Forge is vulnerable and could allow an unauthenticated attacker to cause a denial of service due to the use of IBM Java (CVE-2021-35561)

Summary IBM Java is used by IBM Rational Build Forge. The vulnerability CVE-2021-35561 has been identified and addressed. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cau...

Security Bulletin: IBM Rational Build Forge is vulnerable a remote attacker to execute arbitrary code on the system due to the use of Apache HTTP Server (CVE-2022-23943)

Summary IBM Rational Build Forge is affected by CVE-2022-23943. Vulnerability Details CVEID:CVE-2022-23943 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in modsed. By sending specially crafted data, an...

Security Bulletin: IBM Rational Build Forge is vulnerable to HTTP request smuggling due to the use of Apache HTTP server (CVE-2022-26377).

Summary Apache HTTP server is used by IBM Rational Build Forge. This fix includes Apache Http Server 2.4.54 Vulnerability Details CVEID:CVE-2022-26377 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by an inconsistent Interpretation of HTTP Requests vulnerability i...

Security Bulletin: IBM Rational Build Forge is vulnerable to denial of service, weaker than expected security, and could allow a remote attacker to obtain sensitive information due to the use of OpenSSL

Summary IBM Rational Build Forge is vulnerable to denial of service, weaker than expected security, and could allow a remote attacker to obtain sensitive information due to the use of OpenSSL CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2020-1971, CVE-2020-1968. IBM has addressed these...

Security Bulletin: IBM Rational Build Forge is vulnerable and could allow unauthenticated attacker to cause multiple impacts due to the use of JNDI component (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Summary IBM JDK used by IBM Rational Build Forge. This fix includes IBM JDK 8.0.7.10 which is based on jdk8u331-b09 Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no...