High Severity

IBM Security Bulletin: Potential denial of service in Liberty for Java for IBM Cloud (CVE-2018-10237)

Share this post:

There is a potential denial of service with the Google Guava library that is used in Liberty for Java.

CVE(s): CVE-2018-10237

Affected product(s) and affected version(s):
This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.27.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10871774
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142508

More stories

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863)

Jul 23, 2019 9:01 am EDT | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to address multiple security vulnerabilities. The libssh2 packages that implement the SSH2 protocol is affected by four vulnerabilities. CVE(s): CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863 Affected product(s) and affected version(s):IBM Security Identity Governance and Intelligence (IGI) 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, ...read more


IBM Security Bulletin: Multiple vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation

Jul 23, 2019 9:01 am EDT | High Severity

IBM Rational DOORS Next Generation® is affected by multiple vulnerabilities in the Oracle Outside In Technology® that is used as a component. CVE(s): CVE-2019-2610, CVE-2019-2609, CVE-2019-2608, CVE-2019-2705, CVE-2019-2612, CVE-2019-2611, CVE-2019-2613 Affected product(s) and affected version(s):Rational DOORS Next Generation 6.0.6 Rational DOORS Next Generation 6.0.6.1 Previous versions are not affected. Refer to the following reference URLs ...read more


IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Apr 2019 – Includes Oracle Apr 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Jul 22, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions – Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in April 2019. CVE(s): CVE-2019-10245, CVE-2019-2684, CVE-2019-2602, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699 Affected product(s) and affected ...read more