Regarding the security alert on View, the customer is checking if this vulnerability is about use of the web-interface to View, or the product itself.
The View vulnerabilities were not vulnerabilities, but were unexpected results from the IBM vulnerability test. In View PTF LU09327, which affects the View base component FMID CBRME00, there are changes for View to not be marked as a vulnerability or an unknown.
For more information on the vulnerability, see here: View 14.0 vulnerability