Multiple vulnerabilities exist in the Nimbus-JOSE-JWT used by IBM Spectrum Symphony V7.3 and V7.2.1. Interim fixes that provide instructions on upgrading the nimbus-jose-jwt package to version 8.10 are available on IBM Fix Central.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Symphony | 7.3 |
| IBM Spectrum Symphony | 7.2.1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6194271
The post Security Bulletin: Multiple vulnerabilities in Nimbus-JOSE-JWT affect IBM Spectrum Symphony appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2VEcvnS
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.