Medium Severity

Security Bulletin: A Security Vulnerability was fixed in IBM Application Gateway.

Share this post:

IBM Security Application Gateway is vulnerable to cross-site scripting. This has been fixed in IBM Application Gateway 22.07

CVE(s): CVE-2022-22387

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Application Gateway 1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6824247
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221965

More stories

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-40750)

December 1, 2022 | Medium Severity

Websphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2 (CVE-2022-29824)

December 1, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (CVE-2022-29824). GNOME libxml2 is used as part of the base image included in our service components. Please read the details for remediation below. ...read more


Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-22844

December 1, 2022 | Medium Severity

LibTIFF is not used directly by IBM App Connect Enterprise Certified Container but is present in the DesignerAuthoring image used for mapping assistance, which may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability CVE-2022-22844 in LibTIFF. ...read more