Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM SDK for Node.js in IBM Bluemix
  • Node.js
  • Sydney
  • Description
    OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by the IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs including the "DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability.

    See the link at the end of this notification for details.