Authors: Created by IBM

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM


There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled.This has been addressed. CVEID:  CVE-2022-37734[1]
DESCRIPTION:  GraphQL Java is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw.By sending a specially-crafted request using Directive overloading, a remote attacker could exploit this vulnerability to cause a denial of...

Just published by IBM: Read more

Authors: Created by IBM


IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console.This has been addressed. CVEID:  CVE-2022-22477[1]
DESCRIPTION:  IBM WebSphere Application Server is vulnerable to cross-site scripting.This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score:6.1
CVSS Temporal Score:See:...

Just published by IBM: Read more

Weitere Beiträge ...

  1. PH50116:IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
  2. URBRIDGE REMOVES UNIQUEID FROM PERSONACCOUNT AND GROUP DATAOBJECTS
  3. ADDING CACHE TO URBRIDGE IN FEDERATED REPOSITORIES
  4. IBM WebSphere Application Server is vulnerable to SOAPAction spoofing (CVE-2022-38712)

Seite 25 von 48