Authors: Created by IBM

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM

There is a vulnerability in the Neko HTML library used by IBM WebSphere Application Server Liberty with the openid-2.0 feature enabled.This has been addressed. CVEID:  CVE-2022-24839^[1]
DESCRIPTION:  Sparkle Motion Nokogiri is vulnerable to a denial of service, caused by a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup in the fork of org.cyberneko.html.By sending a specially-crafted request, a remote attacker could exploit this vulnerability to...

Just published by IBM: Read more

Authors: Created by IBM

File link	File size	File description

...

Just published by IBM: Read more

Authors: Created by IBM

IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability.This has been addressed. CVEID:  CVE-2022-35282^[1]
DESCRIPTION:  IBM WebSphere Application Server is vulnerable to server-side request forgery (SSRF).By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.
CVSS Base score:4.3
CVSS Temporal Score:See:https://exchange.xforce.ibmcloud.com/vulnerabilities/230809^[2]...

Just published by IBM: Read more