New Alerts for Apache Commons and Tomcat, Anthropic, BD, IBM, and Linux.
Apache
Apache Commons FileUpload contains a vulnerability in multi-part file uploads that can cause a DoS.
More info. And here.
Apache Tomcat contains the DoS vulnerability in Commons FileUpload and other vulnerabilities.
More info. And here.
MCP Inspector is vulnerable to RCE due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. CVSSv4 score of 9.4
More info. And here.
BD has published updates for third-party software included in these products: Pyxis, Data Agent, and Care Coordination Engine.
More info.
IBM has published Critical bulletins for Cloud Pak for Data, Event Processing, Edge Data Collector, MQ Operator and Queue Manager, Db2 products, Robotic Process Automation, Security QRadar EDR, PowerVC, Security Guardium, API Connect, and DataPower Gateway.
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
