High Severity

Security Bulletin: Three vulnerabilities in Nimbus JOSE+JWT affect IBM Spectrum Conductor

Share this post:

There are three vulnerabilities in Nimbus JOSE+JWT 3.1.2 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0 and IBM Spectrum Conductor 2.3.0. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0 and IBM Spectrum Conductor 2.3 have addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Conductor 2.4
IBM Spectrum Conductor 2.4.1
IBM Spectrum Conductor 2.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6219272

More stories

Security Bulletin: IBM TNPM Wireline is vulnerable to Apache Commons Codec.

Nov 23, 2020 7:00 pm EST | High Severity

There is a vulnerability in Apache Commons Codec API that is used by IBM TNPM Wireline . This has been addressed. ...read more


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – IBM SDK, Java Technology Edition v8.0.6.11

Nov 23, 2020 7:00 pm EST | High Severity

There are multiple vulnerabilities associated with IBM jdk 8.0.6.11 as listed below: ...read more