Medium Severity

Security Bulletin: Security vulnerabilities in Dojo and jQuery might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM)

Share this post:

Security vulnerabilities have been reported for Dojo and jQuery version shipped with IBM Business Automation Workflow and IBM BPM.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Automation Workflow V19.0
V18.0
IBM Business Process Manager V8.6
V8.5
V8.0

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6155493

More stories

Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server (CVE-2019-12406)

May 30, 2020 8:00 pm EDT | Medium Severity

There is a denial of service in the Apache CXF library used by WebSphere Application Server. This has been addressed. ...read more


Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Spectrum Conductor and IBM Spectrum Conductor with Spark

May 29, 2020 8:00 pm EDT | Medium Severity

There is an unspecified vulnerability (CVE-2019-2949) in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3.0, and IBM Spectrum Conductor with Spark 2.2.1. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1 have addressed the applicable CVE. ...read more


Security Bulletin: Vulnerabilities in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager (CVE-2019-18348)

May 29, 2020 8:00 pm EDT | Medium Severity

Vulnerabilities in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager (CVE-2019-18348) ...read more