Medium Severity

Security Bulletin: Multiple Apache PDFBox security vulnerabilities

Share this post:

FileNet Content Manager (FNCM) has multiple Apache PDFBox security vulnerabilities in Content Platform Engine (CPE) and Content Search Services (CSS)

CVE(s): CVE-2021-31811, CVE-2021-31812

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Enterprise Content Management Text Search 5.5.4.0
IBM Enterprise Content Management Text Search 5.5.6.0
FileNet Content Manager 5.5.4
FileNet Content Manager 5.5.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6467839
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203615
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203587

More stories

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (XSS) (CVE-2021-29849)

Nov 30, 2021 7:04 pm EST | Medium Severity

IBM QRadar SIEM is vulnerable to cross-site scripting ...read more


Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2021 CPU

Nov 30, 2021 7:04 pm EST | Medium Severity

There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for "IBM Java SDK Security Bulletin" located in the References section for more information. HP fixes are on a delayed schedule. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Java

Nov 30, 2021 7:04 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Java. ...read more