Critical Severity

Security Bulletin: Vulnerability in Xerces-C (CVE-2018-1311)

Share this post:

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. XML parser contains a use-after-free error triggered during the scanning of external DTDs (CVE-2018-1311)

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
HMC V9.1.910.0 V9.1.910.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6203765

More stories

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Sep 13, 2021 8:01 pm EDT | Critical Severity

IBM Security Guardium has fixed these vulnerabilities ...read more


Security Bulletin: Multiple vulnerabilities in ICU libraries used in IBM DataPower Gateway

Sep 10, 2021 8:04 pm EDT | Critical Severity

IBM has addressed the following vulnerabilities in the ICU libraries used by drouter: CVE-2014-8147, CVE-2014-8146, CVE-2017-14952, CVE-2020-10531, ...read more


Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2021-3711)

Sep 9, 2021 8:00 pm EDT | Critical Severity

Security vulnerability have been disclosed on 24th August 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. ...read more