Medium Severity

Security Bulletin: IBM MQ for HP NonStop Server is affected by vulnerability CVE-2021-29843

Share this post:

IBM MQ is vulnerable to a denial of service attack caused by an issue processing message properties. The issue is described by CVE-2021-29843.

CVE(s): CVE-2021-29843

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM MQ for HPE NonStop 8.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6517416
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205203

More stories

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2020-11022).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method (CVE-2020-11022). jQuery is used by the runtime components included in IBM Watson Speech. Please read the details for remediation below. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2019-11358).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery, caused by improper validation of user-supplied input in Drupal core. (CVE-2019-11358). jQuery is used by the runtime components included in IBM Watson Speech. Please read the details for remediation below. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking.(CVE-2021-3634).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking (CVE-2021-3634). Libssh, included in RedHat, is used in the base operating system by IBM Watson Speech. Please read the details for remediation below. ...read more