Medium Severity

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to SnakeYAML (CVE-2017-18640)

Share this post:

MyFG 2.0 of IBM Sterling B2B Integrator uses SnakeYAML. There is a denial of service vulnerability in SnakeYAML which has been addressed.

CVE(s): CVE-2017-18640

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Sterling B2B Integrator 6.0.0.0 – 6.0.3.5
IBM Sterling B2B Integrator 6.1.0.0 – 6.1.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6611241
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/174331

More stories

Security Bulletin: IBM CICS TX Standard is vulnerable to a local user causing a denial of service. (CVE-2022-34308)

October 4, 2022 | Medium Severity

IBM CICS TX Standard could allow a local user to cause a denial of service due to improper load handling. The fix removes this vulnerability (CVE-2022-34308) from IBM CICS TX Standard. ...read more


Security Bulletin: A security vulnerability has been identified in Apache HttpClient shipped with IBM Tivoli Netcool Impact (CVE-2020-13956)

October 4, 2022 | Medium Severity

Apache HttpClient is shipped with IBM Tivoli Netcool Impact to handle HTTP communications. . Information about a security vulnerability affecting Apache HttpClient has been published in a security bulletin. ...read more


Security Bulletin: A vulnerability in Apache WSS4J affects IBM Tivoli Business Service Manager (CVE-2014-3623)

October 4, 2022 | Medium Severity

Apache WSS4J is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web services infrastructure. Information about security vulnerabilities affecting Apache WSS4J has been published in a security bulletin. ...read more