High Severity

IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management

Share this post:

There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version.

CVE(s): CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9516, CVE-2019-9513, CVE-2019-9514, CVE-2019-9511, CVE-2019-9512

Affected product(s) and affected version(s):

IBM Cloud App Management V2019.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1097535
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165183
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164904
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165181
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165182
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164639
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164640
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164638
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164903

More stories

Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerablility.

Feb 22, 2020 7:00 pm EST | High Severity

IBM Worklight/MobileFoundation has addressed the following vulnerability. WebSphere Liberty susceptible to HTTP2 implementation vulnerablility. ...read more


Security Bulletin: Command injection vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4210, CVE-2020-4213, CVE-2020-4222, CVE-2020-4212, CVE-2020-4211)

Feb 22, 2020 7:00 pm EST | High Severity

Command injection vulnerabilities in IBM Spectrum Protect Plus could allow a remote attacker to execute arbitrary code on the system. ...read more


Security Bulletin: A security vulnerability has been identified in libjpeg-turbo shipped with PowerAI.

Feb 22, 2020 7:00 pm EST | High Severity

Vulnerability CVE-2019-2201 found in libjpeg-turbo package. ...read more