Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a denial of service CVE-2023-43642

Summary snappy-java is used by the IBM Datapower Operations Dashboard as a compressor/decompressor for Java Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk length. By sending a specially crafted...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to execute arbitrary code on the system [CVE-2023-46604]

Summary Apache ActiveMQ is used by the IBM Datapower Operations Dashboard in its messaging infrastructure. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46604 DESCRIPTION: Apache ActiveMQ and ActiveMQ Legacy OpenWire Module could all...

Security Bulletin: IBM Datapower Operations Dashboard to a denial of service caused by an unsafe deserialization flaw

Summary Apache Johnzon is used by the IBM Datapower Operations Dashboard in its JSON processing. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON...