High Severity

IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities.

Share this post:

Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities).

CVE(s): CVE-2019-9516, CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9511, CVE-2019-9514, CVE-2019-9513

Affected product(s) and affected version(s):

IBM Cloud Event Management on IBM Cloud Private Version 2.3.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1078209
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165182
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165181
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164904
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165183
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164903
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164638
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164640
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164639

More stories

Security Bulletin: IBM MQ Appliance is affected by multiple Mozilla Firefox vulnerabilities

Jan 21, 2021 7:00 pm EST | High Severity

IBM MQ Appliance has resolved multiple vulnerabilities. ...read more


Security Bulletin: Vulnerability in Google Guava affects WebSphere Service Registry and Repository (CVE-2018-10237)

Jan 20, 2021 7:01 pm EST | High Severity

A vulnerability in Google Guava affects WebSphere Service Registry and Repository. This issue is also addressed by WebSphere Application Server shipped with WebSphere Service Registry and Repository. ...read more


Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4958)

Jan 20, 2021 7:01 pm EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The vulnerability is due to the RMI connectors that do not appear to be authenticated. ...read more