IBM Product Security Update Advisory

Jan 08 2025

Overview

IBM has released a security update that addresses a vulnerability in IBM Engineering Lifecycle Optimization – Publishing (PUB). Users of affected products are advised to update to the latest version.

Affected Products

CVE-2024-41766, CVE-2024-41767

PUB Version: 7.0.2
PUB Version: 7.0.3

Resolved Vulnerabilities

Dos attack vulnerability when using regular expressions by remote attackers (CVE-2024-41766)
SQL injection vulnerability by remote attackers (CVE-2024-41767)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-41766, CVE-2024-41767

PUB Version: 7.0.2 iFix032 or later
PUB Version: 7.0.3 iFix010 or later

References

[1] Security Bulletin: IBM Engineering Lifecycle Optimization – Publishing could allow a remote attacker to cause a denial of service using a complex regular expression.
https://www.ibm.com/support/pages/node/7180203
[2] Security Bulletin: IBM Engineering Lifecycle Optimization – Publishing is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow
https://www.ibm.com/support/pages/node/7180199

IBM Product Security Update Advisory

WordPress Plugin Security Update Advisory (CVE-2024-10957)

WordPress Plugin Security Update Advisory (CVE-2024-11613)

Tags:

WordPress Plugin Security Update Advisory (CVE-2024-10957)

WordPress Plugin Security Update Advisory (CVE-2024-11613)