Authors: Created by IBM

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM


IBM WebSphere Application Server Liberty is vulnerable to a denial of service with the servlet-3.1, servlet-4.0, servlet-5.0, or servlet-6.0 feature with the HTTP/2 protocol enabled. CVEID:  CVE-2024-27268[1]
DESCRIPTION:  IBM WebSphere Application Server Liberty is vulnerable to a denial of service, caused by sending a specially crafted request.A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
CVSS Base score:...

Just published by IBM: Read more

Authors: Created by IBM


IBM WebSphere Application Server could provide weaker than expected security for outbound TLS connections.

CVEID:  CVE-2023-50313[1]
DESCRIPTION:  IBM WebSphere Application Server could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration.
CVSS Base score:5.3
CVSS Temporal Score:See:https://exchange.xforce.ibmcloud.com/vulnerabilities/274712[2] for the current score.
...

Just published by IBM: Read more

Weitere Beiträge ...

  1. PH58869:IBM WebSphere Application Server could provide weaker than expected security (CVE-2023-50313 CVSS 5.3)
  2. PH59984: JAVA.LANG.NOCLASSDEFFOUNDERROR: JAVAX.ANNOTATION.SQL.DATASOURCEDEFINITION
  3. WHEN CLIENTS SET UP SPNEGO, THEY OFTEN CONFIGURE KERBEROS INSTEAD (AND SET KERBEROS AND LTPA), BUT THIS ENDS UP BREAKING SPNEGO
  4. Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2024-22353)

Seite 5 von 52