IBM Support

PH48810:IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839 CVSS 7.5)

Download


Downloadable File

File link File size File description

Abstract

IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839 CVSS 7.5)

Download Description

PH48810 resolves the following problem:

ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839 CVSS 7.5).

PROBLEM SUMMARY:
IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839 CVSS 7.5).

PROBLEM CONCLUSION:
Confidential for CVE-2022-24839

The fix for this APAR is currently targeted for inclusion in fix pack Liberty 22.0.0.11.

For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE (Bytes)
22.0.0.10 readme file 2327
22.0.0.10 Archive readme file 2328
22.0.0.9 Archive readme file 2310
22.0.0.6 Archive readme file 2310
22.0.0.3 Archive readme file 2324

Download Package

DOWNLOAD RELEASE DATE SIZE (Bytes) URL
Fix Central (FC) help
22.0.0.10-WS-WLP-IFPH48810 26 September 2022 1367013 FC
22.0.0.3-WS-WLP-IFPH48810 26 September 2022 1361032 FC
22.0.0.6-WS-WLP-IFPH48810 26 September 2022 1364327 FC
22.0.0.9-WS-WLP-IFPH48810 26 September 2022 1367026 FC
220010-wlp-archive-IFPH48810 26 September 2022 1306356 FC
22009-wlp-archive-IFPH48810 26 September 2022 1306329 FC
22006-wlp-archive-IFPH48810 26 September 2022 1303650 FC
22003-wlp-archive-IFPH48810 26 September 2022 1300279 FC

Problems Solved

PH48810

On

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF014","label":"iOS"},{"code":"PF035","label":"z\/OS"},{"code":"PF010","label":"HP-UX"},{"code":"PF027","label":"Solaris"}],"Version":"22.0.0.10;22.0.0.3;22.0.0.6;22.0.0.9","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
15 November 2022

UID

ibm16824207