IBM Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Cloud

Nov 27, 2018 8:01 am EST

Categorized: Medium Severity

Share this post:

There is a potential bypass security vulnerability in the expression language library used by WebSphere Application Server (CVE-2014-7810).

CVE(s): CVE-2014-7810

Affected product(s) and affected version(s):

This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.25.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10737055
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103155



from IBM Product Security Incident Response Team https://ift.tt/2KDEJsI