Critical Severity
Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights
Aug 31, 2020 8:04 pm EDT
Categorized: Critical Severity
Share this post:
Faster-XML Jackson-databind (excludes most polymorphic typing gadget attacks) (Publicly disclosed vulnerability) is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson-databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this service installed you are not affected by this bulletin.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Operations Analytics Predictive Insights | 1.3.6 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6324679
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect TPF Toolkit
Mar 5, 2021 7:00 pm EST | Critical Severity
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by TPF Toolkit. TPF Toolkit has addressed the applicable CVEs. ...read more
Security Bulletin: Android Mobile SDK compile builder includes vulnerable components
Mar 2, 2021 7:00 pm EST | Critical Severity
A third party JSON parser that Android Mobile SDK uses include vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. ...read more
Security Bulletin: IBM Cloud Private is vulnerable to Go vulnerabilities (CVE-2021-3114, CVE-2021-3115)
Feb 26, 2021 7:00 pm EST | Critical Severity
IBM Cloud Private is vulnerable to Go vulnerabilities ...read more