Medium Severity

Security Bulletin: Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2021-35550, CVE-2021-35603)

Share this post:

There are a number of vulnerabilities in the Java JDK used by IBM Event Streams.

CVE(s): CVE-2021-35550 , CVE-2021-35603

Affected product(s) and affected version(s):

Affected Product(s) Version(s)

BM Event Streams (Continuous Delivery) 

10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.4.0

IBM Event Streams (Extended Update Support)

10.2.0-eus, 10.2.1-eus (2.2.1, 2.2.2, 2.2.3)

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6611159
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211627
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211676

More stories

Security Bulletin: IBM CICS TX Standard is vulnerable to a local user causing a denial of service. (CVE-2022-34308)

October 4, 2022 | Medium Severity

IBM CICS TX Standard could allow a local user to cause a denial of service due to improper load handling. The fix removes this vulnerability (CVE-2022-34308) from IBM CICS TX Standard. ...read more


Security Bulletin: A security vulnerability has been identified in Apache HttpClient shipped with IBM Tivoli Netcool Impact (CVE-2020-13956)

October 4, 2022 | Medium Severity

Apache HttpClient is shipped with IBM Tivoli Netcool Impact to handle HTTP communications. . Information about a security vulnerability affecting Apache HttpClient has been published in a security bulletin. ...read more


Security Bulletin: A vulnerability in Apache WSS4J affects IBM Tivoli Business Service Manager (CVE-2014-3623)

October 4, 2022 | Medium Severity

Apache WSS4J is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web services infrastructure. Information about security vulnerabilities affecting Apache WSS4J has been published in a security bulletin. ...read more