Vulnerabilities in Node.js and the c-ares library were disclosed on July 11 2017 by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs.
CVE(s): CVE-2017-11499, CVE-2017-1000381
Affected product(s) and affected version(s):
These vulnerabilities affect IBM SDK for Node.js v4.8.3 and earlier releases.
These vulnerabilities affect IBM SDK for Node.js v6.11.0.0 and earlier releases.
These vulnerabilities affect IBM SDK for Node.js v8.1.2.0 and earlier releases.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2eUcQkn
X-Force Database:
X-Force Database: http://ift.tt/2h8Xc5H
The post IBM Security Bulletin: Multiple vulnerabilities might affect IBM® SDK for Node.js™ appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2eTUpwk
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.