Apache Struts Jakarta Multi-part Parser Code Execution (CVE-2017-5638)

Share this post:

On March 6, 2017 a vulnerability in the Apache Struts Jakarta Multi-part parser code execution was reported by Apache.

IBM is analyzing its products to determine which ones may be affected by this vulnerability. Affected IBM products will be issuing mitigations and/or fixes as soon as possible. Please actively monitor both your IBM Support Portal for available fixes and this blog for additional information.

IBM recommends that customers:

More Featured Carousel stories

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Mar 25, 2021 8:00 pm EDT | Critical Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Jan 2021. ...read more


Security Bulletin: Security vulnerabilities in Java SE affects Rational Build Forge

Mar 25, 2021 8:00 pm EDT | Low Severity

Java SE that is used by IBM Rational Build Forge has a security vulnerabilities. IBM Rational Build Forge has addressed the applicable CVEs. ...read more


Security Bulletin: Multiple vulnerabilities in node.js may affect configuration editor used in IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-1971, CVE-2020-8265, CVE-2020-8287

Mar 25, 2021 8:00 pm EDT | High Severity

Security vulnerabilities have been reported for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js. ...read more