PH68424:WebSphere Application Server and WebSphere Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962 CVSS 7.5)

Download

Downloadable File

File link	File size	File description

Abstract

WebSphere Application Server and WebSphere Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962 CVSS 7.5)

Download Description

View the Security Bulletin

PH68424 resolves the following problem:

ERROR DESCRIPTION:
WebSphere Application Server and WebSphere Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962 CVSS 7.5)

PROBLEM CONCLUSION:
Confidential for CVE-2025-7962.

The fix for this APAR is targeted for inclusion in 25.0.0.12.

For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553

Prerequisites

None

Download Package

IMPORTANT NOTE:	WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages.

IBM Installation Manager packages

DOWNLOAD	RELEASE DATE	URL
25.0.0.11-WS-WLP-IFPH68424	31 October 2025	FC
25.0.0.9-WS-WLP-IFPH68424	31 October 2025	FC
25.0.0.6-WS-WLP-IFPH68424	31 October 2025	FC
24.0.0.12-WS-WLP-IFPH68424	20 November 2025	FC

Archive packages (no IM)

DOWNLOAD	RELEASE DATE	URL
250011-wlp-archive-IFPH68424	31 October 2025	FC
25009-wlp-archive-IFPH68424	31 October 2025	FC
25006-wlp-archive-IFPH68424	31 October 2025	FC
240012-wlp-archive-IFPH68424	20 November 2025	FC

Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.

Problems Solved

PH68424

Change History

20 November 2025: Added fix for 24.0.0.12.

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"25.0.0.11;25.0.0.6;25.0.0.9","Edition":"Base","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Problems (APARS) fixed
PH68424

Was this topic helpful?

Document Information

Modified date:
20 November 2025

UID

ibm17250017

Tips