High Severity

IBM Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS

Share this post:

There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions to of IBM SONAS

CVE(s): CVE-2018-12386, CVE-2018-12387

Affected product(s) and affected version(s):

The product is affected when running code releases to

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10738183
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150745
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150746

More stories

Security Bulletin: BIND for IBM i is affected by CVE-2020-8616 and CVE-2020-8617

Jul 6, 2020 8:00 pm EDT | High Severity

BIND is used by IBM i. IBM i has addressed the applicable CVEs. ...read more

Security Bulletin: IBM® Db2® is vulnerable to buffer overflow leading to a privileged escalation (CVE-2020-4363)

Jul 6, 2020 8:00 pm EDT | High Severity

IBM® Db2® is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. ...read more

Security Bulletin: Security Vulnerabilities in IBM® Java SDK April 2020 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Jul 3, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java Technology Edition from April 2020 CPU and the CVE-2019-2949 (deferred from Oracle Oct 2019 CPU) that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM). These issues were disclosed as part of the IBM Java SDK updates in April 2020. ...read more