Low Severity

Security Bulletin: IBM MQ is vulnerable to an issue within the Zlib library (CVE-2018-25032)

Share this post:

An issue was identified within the Zlib library that affects IBM MQ. IBM MQ uses Zlib to perform message compression.

CVE(s): CVE-2018-25032

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM MQ 9.1 LTS
IBM MQ 9.0 LTS
IBM MQ 8.0
IBM MQ 9.2 CD
IBM MQ 9.1 CD
IBM MQ 9.2 LTS

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6823767
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/222615

More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in OAuthLib

November 30, 2022 | Low Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of OAuthLib. ...read more


Security Bulletin: IBM DataPower Gateway does not invalidate active sessions on a password change (CVE-2022-40228)

November 21, 2022 | Low Severity

If a user password is changed, IBM DataPower Gateway does not immediately invalidate existing active sessions that were created with the old password. This means that a session created using a compromised password could continue to operate after the password has been changed until the session expires. ...read more


Security Bulletin: Vulnerability in Apache HTTP (CVE-2020-13950) affects Power HMC

November 18, 2022 | Low Severity

Apache HTTP webserver is used by IBM Power Hardware Management Console (HMC) for accepting https request and transfer to and fro to internal applications. This bulletin provides a remediation for the impacted vulnerability, CVE-2020-13950 by upgrading IBM Power Hardware Management Console (HMC) respective PTF and thus addressing the exposure to the vulnerability. ...read more