Authors: Created by IBM

Content
This flash contains status information regarding issues (downtime or expected service windows) for the IBM WebSphere Application Server Liberty Repository accessed by WebSphere Liberty's installUtility command during installation and upgrade of Liberty features. IBM will update this page to reflect...

Just published by IBM: Read more

Authors: Created by IBM

IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability in JMS messaging with the wasJmsServer-1.0, wasJmsSecurity-1.0, wasJmsClient-2.0, messagingServer-3.0, messagingSecurity-3.0, or messagingClient-3.0 feature enabled. CVEID:  CVE-2025-36124^[1]
DESCRIPTION:  IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging configuration.
CWE:  CWE-268:Privilege Chaining^[2]
...

Just published by IBM: Read more

Authors: Created by IBM

Just published by IBM: Read more

Authors: Created by IBM

File link	File size	File description

...

Just published by IBM: Read more

Authors: Created by IBM

There is a vulnerability in Apache Commons FileUpload which affects IBM WebSphere Application Server traditional and affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. CVEID: CVE-2025-48976^[1]
DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload.This issue affects Apache Commons FileUpload:from 1.0 before 1.6;from 2.0.0-M1 before 2.0.0-M4.Users are...

Just published by IBM: Read more