If you have installed IBM Connections component pack 6.0.0.6 or 6.0.0.7 you have to plan immediately to update to the brand new 6.0.0.8 component pack just released over IBM Fixcentral.
The issue was noted inside a package included in the component pack , named event-stream , that was containing a library exploited by a hacker in the public npm repository to include flatmap-stream.
IBM Connections is not using this library so this should not have any real impact on your system but please consider to upgrade your environment soon as possible to avoid any unwanted behavior on your servers.
No comments:
Post a Comment