Home Unlabelled IBM Security Bulletin: Multiple vulnerabilities in NPM affects IBM API Connect (CVE-2016-3956, CVE-2016-2537, CVE-2016-2515)

IBM Security Bulletin: Multiple vulnerabilities in NPM affects IBM API Connect (CVE-2016-3956, CVE-2016-2537, CVE-2016-2515)

By
Tuesday, July 05, 2016
Read
Add Comment

IBM API Connect is affected by two ReDoS vulnerabilities in modules included in the Node.js npm tool (CVE-2016-2537, CVE-2016-2515) and Node.js Package Manager (npm) Bearer Token Vulnerability (CVE-2016-3956). These vulnerabilities are now fixed.

CVE(s): CVE-2016-2515, CVE-2016-2537, CVE-2016-3956

Affected product(s) and affected version(s):

IBM API Connect V5.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/29L0ODy
X-Force Database: http://ift.tt/1NSj7rH
X-Force Database: http://ift.tt/1rhWrqL
X-Force Database: http://ift.tt/1NSj7rJ



from IBM Product Security Incident Response Team http://ift.tt/29L1gBO
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us