High Severity

IBM Security Bulletin: Potential denial of service in Liberty for Java for IBM Cloud (CVE-2018-10237)

Share this post:

There is a potential denial of service with the Google Guava library that is used in Liberty for Java.

CVE(s): CVE-2018-10237

Affected product(s) and affected version(s):
This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.27.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10871774
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142508

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM HTTP Server (CVE-2019-0211 CVE-2019-0220)

Apr 23, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in the IBM HTTP Server used by WebSphere Application Server. CVE-2019-0211 affects version 9 non-windows platforms only. CVE(s): CVE-2019-0220, CVE-2019-0211 Affected product(s) and affected version(s): These vulnerabilities affect the following version and release of IBM HTTP Server (powered by Apache) component in all editions of WebSphere Application Server and bundling products. ...read more

IBM Security Bulletin: Potential vulnerability related to Unsafe Deserialization in Apache Solr shipped with IBM Operations Analytics – Log Analysis (CVE-2019-0192)

Apr 23, 2019 9:01 am EDT | High Severity

In Solr the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of unsafe deserialization in Solr to trigger remote code execution on the Solr side. CVE(s): CVE-2019-0192 Affected product(s) and affected version(s):IBM Operations Analytics – Log Analysis ...read more

IBM Security Bulletin: IBM i is affected by networking BIND vulnerabilities CVE-2018-5744 CVE-2019-6465 and CVE-2018-5745.

Apr 23, 2019 9:01 am EDT | High Severity

ISC BIND is vulnerable to these security vulnerabilities. IBM i has addressed these vulnerabilities. CVE(s): CVE-2018-5745, CVE-2019-6465, CVE-2018-5744 Affected product(s) and affected version(s): Releases 7.1, 7.2 and 7.3 of IBM i are affected. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10876698X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157386X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157377X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157371 ...read more