High Severity

Security Bulletin: Security vulnerabilities in Apache Commons Compress affects IBM License Metric Tool v9.

Share this post:

There are vulnerabilities in Apache Commons Compress library that is used by IBM License Metric Tool.

CVE(s): CVE-2021-35517, CVE-2021-36090

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM License Metric Tool All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6527136
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205307
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205310

More stories

Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service due to zlib (CVE-2018-25032)

September 27, 2022 | High Severity

IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service due to zlib. The fix includes zlib 1.2.12. ...read more



Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable, Eclipse Paho Java client could allow a remote attacker to bypass security restrictions.

September 27, 2022 | High Severity

BM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable, Eclipse Paho Java client could allow a remote attacker to bypass security restrictions, caused by the failure to check the result when connecting to an MQTT server using TLS and setting a host name verifier. By sending a specially-crafted request, an attacker could exploit this vulnerability to allow one MQTT server to impersonate another and provide the client library with incorrect information.(CVE-2019-11777) ...read more