High Severity

Security Bulletin: IBM Cloud Private is vulnerable to a Node.js lodash vulnerability (CVEID: 183560)

Share this post:

IBM Cloud Private is vulnerable to a Node.js lodash vulnerability

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Cloud Private 3.2.1 CD
IBM Cloud Private 3.2.2 CD

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6338463

More stories

Security Bulletin: IBM Security Verify Information Queue uses a Node.js proxy library that has a known vulnerability (183561)

Mar 2, 2021 7:00 pm EST | High Severity

The web server in IBM Security Verify Information Queue (ISIQ) uses an older version of the http-proxy package that has a known vulnerability to a denial of service. As of v10.0.0, ISIQ has upgraded to a newer, secure version of http-proxy. ...read more


Security Bulletin: IBM Security Guardium is affected by kernel vulnerabilities

Mar 1, 2021 7:00 pm EST | High Severity

IBM Security Guardium has fixed these vulnerabilities ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Mar 1, 2021 7:00 pm EST | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in July 2020. ...read more