Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.

Summary Transform Services for IBM i is vulnerable to denial of service, heap memory buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities in Independent JPEG Group IJG JPEG library and zlib library as described in the vulnerability details section...

CVE-2021-41792

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to...

Server side request forgery (ssrf)

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to...

CVE-2021-41792

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to...

CVE-2021-41792

CVE-2021-41792 affects Hyland Alfresco components: org.alfresco:alfresco-content-services up to 6.2.2.18 and org.alfresco:alfresco-transform-services up to 1.3. A crafted HTML file uploaded to the system could trigger an unexpected request by the transformation engine, with the response not expos...