Security Bulletin: Several vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2016-2923, CVE-2016-2945, CVE-2016-0359)
- Liberty for Java
- SydneyLondonDallas
Description
There is an information disclosure vulnerability in IBM WebSphere Application Server Liberty for any users of the JAX-RS API. There is a potential for weaker than expected security when using the WebSphere Application Server Liberty profile API Discovery feature and Swagger documents. There is a potential HTTP response splitting vulnerability in IBM WebSphere Application Server.
A user action is needed to update your instances.
For more information, see the security bulletin.
A user action is needed to update your instances.
For more information, see the security bulletin.