Summary There is a vulnerability in the Netty library used by IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, with the grpc-1.0 or grpcClient-1.0 feature enabled. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) and Version(s)| Affecting Product(s) and Version(s) —|— IBM WebSphere Hybrid Edition 5.1 | IBM WebSphere Application Server Liberty 21.0.0.2 – 25.0.0.3 Remediation/Fixes IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the APAR PH65529, as described in Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty (CVE-2025-25193). Workarounds and Mitigations…Read More