Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i

Security Bulletin

Summary

Vulnerabilities detected in Node.js versions before v14.16.2 that affect the Cordova platform packaged with Rational Developer for i Software.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
Rational Developer for i (RDi) RPG and COBOL + Modernization Tools, Java Edition	All

Remediation/Fixes

Product	Versions(s)	Remediation/First Fix
IBM Rational Developer for i, RPG and COBOL + Modernization Tools, Java Edition	All	Update manually and apply Node.js Patch Update for IBM Rational Developer for i Modernization Tools Java Edition - October 2021 Refer to the security vulnerabilities listed in Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software - September 2021 and Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software - September 2021

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide
On-line Calculator v3

Off

Change History

10 Nov 2021: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSAE4W","label":"Rational Developer for i"},"Component":"","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"},{"code":"PF017","label":"Mac OS"}],"Version":"9.6.0, 9.6.0.1, 9.6.0.2, 9.6.0.3, 9.6.0.4, 9.6.0.5, 9.6.0.6, 9.6.0.7, 9.6.0.8, 9.6.0.9, 9.6.0.10, 9.6.0.11","Edition":"Modernization Tools- Java Edition","Line of Business":{"code":"LOB57","label":"Power"}}]

Tips

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i