Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities bootstrap-3.4.1.tgz observed — CVE-2024-6484

IBM · CVE-2024-6484

ID
CVE-2024-6484

Datum
2026-06-19

Activity
2026-06-19

Quelle
IBM

Risiko
medium

Zusammenfassung

CVE-2024-6484 is a Hinweis from IBM. Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities bootstrap-3.4.1.tgz observed Severity/Threat: medium.

Produkt

IBM Engineering Workflow Management

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

Prüfe Exponierung und plane Maßnahmen nach Risiko und Umfeld.
Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Mehr dazu

IBM 2026-W25

@jhb.software/payload-cloudinary-plugin: Arbitrary Cloudinary API Parameter Signing

2026-06-20 GHSA-H5X8-XP6M-X6Q4

highGitHub GitHub 2026-W25

Anki's local HTTP server does not sufficiently validate requests

2026-06-20 GHSA-869J-R97X-HX2G

highGitHub GitHub 2026-W25

LangSmith SDK TracingMiddleware: Arbitrary server-side file read

2026-06-20 GHSA-F4XH-W4CJ-QXQ8

highGitHub GitHub 2026-W25

Lokka: Azure Resource Manager URL path validation issue

2026-06-20 GHSA-G2GW-Q38M-VJFC

highGitHub GitHub 2026-W25

pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

2026-06-20 GHSA-4XGF-CPJX-PC3J

mediumGitHub GitHub 2026-W25

Security Bulletin: Multiple Security Vulnerabilities in third-Party libraries used by IBM Tivoli Netcool Configuration Manager

2026-06-20 CVE-2026-5598

criticalIBM 2026-W25