Authors: Created by IBM


IBM WebSphere Application Server Liberty is vulnerable to a denial of service with the openidConnectClient-1.0 or socialLogin-1.0 feature enabled. CVEID:  CVE-2024-22353[1]
DESCRIPTION:  IBM WebSphere Application Server Liberty is vulnerable to a denial of service, caused by sending a specially crafted request.A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
CVSS Base score:5.9
CVSS Temporal Score:See:...

Just published by IBM: Read more

Authors: Created by IBM


IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting with the servlet-6.0 feature enabled.

CVEID:  CVE-2024-27270[1]
DESCRIPTION:  IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting.This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI.
CVSS Base score:4.7
CVSS Temporal Score:See:https://exchange.xforce.ibmcloud.com/vulnerabilities/284576[2]...

Just published by IBM: Read more

Authors: Created by IBM


IBM WebSphere Application Server Liberty Fix pack 24.0.0.3 for all platforms.

Notice: Read the important information included in this document in the Known side effects[1] section and Regression List[2] for changes with negative effects.

WebSphere Application Server Liberty 24.0.0.3 content on Fix Central is provided:...

    Just published by IBM: Read more

    Weitere Beiträge ...

    1. WebSphere Application Server traditional Version 9.0.5.19
    2. PH59243: NULLPOINTEREXCEPTION IN SIP CODE
    3. IllegalArgumentException when enabling SP800-131/FIPS140-2 with TLSv1.3 post Java upgarde to SR8FP5 and later.
    4. PH59304:IllegalArgumentException when enabling SP800-131/FIPS140-2 with TLSv1.3

    Seite 6 von 51