High Severity

Security Bulletin: IBP javaenv and dind images

Share this post:

Versions of IBP images javaenv and dind before 2.5.1 included a version of gradle that depended upon vulnerable Apache libraries. Gradle is a build system, intended to aid in building chaincode, though not required for building chaincode.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Blockchain Platform (Software/on-prem) All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6381832

More stories

Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-28362)

Feb 26, 2021 7:01 pm EST | High Severity

IBM Cloud Private is vulnerable to a Go vulnerability ...read more



Security Bulletin: IBM Cloud Private is vulnerable to a Python vulnerability (CVE-2020-25659)

Feb 26, 2021 7:01 pm EST | High Severity

IBM Cloud Private is vulnerable to a Python vulnerability ...read more