High Severity

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities

Share this post:

IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below

CVE(s): CVE-2021-22930, CVE-2021-22921, CVE-2021-22918

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Platform Navigator in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1
Asset Repository in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6501841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206473
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/204785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/204784

More stories

Security Bulletin: A security vulnerability in Node.js jsonpointer module affects IBM Cloud Automation Manager

Dec 3, 2021 7:01 pm EST | High Severity

A security vulnerability in Node.js jsonpointer module affects IBM Cloud Automation Manager. ...read more



Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Dec 3, 2021 7:01 pm EST | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. ...read more