IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Multiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs.

CVE(s): CVE-2018-0734, CVE-2018-0735, CVE-2018-5407, CVE-2018-12116, CVE-2018-12123, CVE-2018-12120, CVE-2018-12121, CVE-2018-12122

Affected product(s) and affected version(s):

Rational Application Developer 9.1 Rational Application Developer 9.5 Rational Application Developer 9.6 Rational Application Developer 9.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10794537
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152085
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152484
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153452
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153457
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153454
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153456

The post IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2R8NzQQ