OpenSSL vulnerabilities were disclosed on December 7, 2017 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs.
CVE(s): CVE-2017-3737
Affected product(s) and affected version(s):
These vulnerabilities affect IBM SDK for Node.js v4.8.6.0 and earlier releases.
These vulnerabilities affect IBM SDK for Node.js v6.12.0.0 and earlier releases.
These vulnerabilities affect IBM SDK for Node.js v8.9.0.0 and earlier releases.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=swg22012003
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136077
The post IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM® SDK for Node.js™ (CVE-2017-3737 CVE-2017-3738) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2nsHfqF
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.