High Severity

Security Bulletin: IBM Security Verify Information Queue uses a Node.js proxy library that has a known vulnerability (183561)

Share this post:

The web server in IBM Security Verify Information Queue (ISIQ) uses an older version of the http-proxy package that has a known vulnerability to a denial of service. As of v10.0.0, ISIQ has upgraded to a newer, secure version of http-proxy.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Verify Information Queue 1.0.6, 1.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6421021

More stories

Security Bulletin: Multiple vulnerabilities in Apache Tika affects Apache Solr shipped with IBM Operations Analytics – Log Analysis

Apr 16, 2021 8:03 pm EDT | High Severity

There are different types of vulnerabilities in various versions of Apache Tika that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. ...read more


Security Bulletin: IBM® Db2® db2fm is vulnerable to a buffer overflow (CVE-2020-5025)

Apr 16, 2021 8:02 pm EDT | High Severity

IBM Db2 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. ...read more


Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Apr 16, 2021 8:02 pm EDT | High Severity

IBM Security Guardium has fixed this vulnerability ...read more