Security Bulletin: IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability (WS-2026-0003)

Summary IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability WS-2026-0003. This has been addressed in the remediation section. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength...

Security Bulletin: IBM SPSS Analytic Server is affected by a TLS hostname verification vulnerability in Apache Log4j Core (CVE-2025-68161)

Summary IBM SPSS Analytic Server is affected by a TLS hostname verification vulnerability in Apache Log4j Core CVE-2025-68161. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2024-29371, CVE-2025-14923)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2024-29371, CVE-2025-14923. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2025-14914, CVE-2025-12635)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-14914, CVE-2025-12635. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server Liberty...

Security Bulletin: IBM SPSS Analytic Server is affected by CRLF injection vulnerability in Netty Codec (CVE-2025-67735)

Summary IBM SPSS Analytic Server is affected by CRLF injection vulnerability in Netty Codec CVE-2025-67735. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions...

Security Bulletin: IBM SPSS Analytic Server is affected by Critical XXE vulnerability in Apache Tika (CVE-2025-66516)

Summary IBM SPSS Analytic Server is affected by Critical XXE vulnerability in Apache Tika CVE-2025-66516. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-66516 DESCRIPTION: Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and...

Security Bulletin: IBM SPSS Analytic Server is affected by XML External Entity injection vulnerability in Apache Tika (CVE-2025-54988)

Summary IBM SPSS Analytic Server is affected by XML External Entity injection vulnerability in Apache Tika CVE-2025-54988. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-54988 DESCRIPTION: Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika...

Security Bulletin: IBM SPSS Analytic Server is affected by weaker than expected security due to crypto.js in IBM WebSphere Application Server Liberty (CVE-2020-36732)

Summary IBM SPSS Analytic Server is affected by weaker than expected security due to crypto.js in IBM WebSphere Application Server Liberty. CVE-2020-36732. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2....

Security Bulletin: IBM SPSS Analytic Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924).

Summary IBM SPSS Analytic Server is affected by a vulnerability in Apache Commons Lang CVE-2025-48924. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache...

EUVD-2014-0950

Malware in sbrugna...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in Netty Codec (CVE-2025-58056, CVE-2025-55163, CVE-2025-58057).

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in Netty Codec CVE-2025-58056, CVE-2025-55163, CVE-2025-58057. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is an asynchronous, event-driven network...

Security Bulletin: IBM SPSS Analytic Server is affected by a Denial of Service (DoS) vulnerability in Apache Commons FileUpload.

Summary IBM SPSS Analytic Server is affected by a Denial of Service DoS vulnerability in Apache Commons FileUpload. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2024-56339, CVE-2025-36047, CVE-2025-36124, CVE-2025-36000, CVE-2025-36097, CVE-2025-48976)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2024-56339,CVE-2025-36047, CVE-2025-36124, CVE-2025-36000, CVE-2025-36097, CVE-2025-48976. This has been addressed in the remediation section. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities disclosed in Netty affect IBM SPSS Analytic Server

Summary Multiple vulnerabilities disclosed in Netty affect IBM SPSS Analytic Server CVE-2025-24970, CVE-2025-25193. These have been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM SPSS Analytic Server (CVE-2023-38737)

Summary Denial of Service vulnerability in WebSphere Liberty affects IBM SPSS Analytic Server CVE-2023-38737. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-38737 DESCRIPTION: IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerab...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM SPSS Analytic Server (CVE-2024-40094)

Summary Denial of Service vulnerability in WebSphere Liberty affects IBM SPSS Analytic Server. This vulnerabilitiy has been addressed. Please read the details for remediation below. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

Security Bulletin: IBM SPSS Analytic Server is vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354)

Summary IBM SPSS Analytic Server is vulnerable to an XML External Entity XXE injection vulnerability CVE-2024-22354. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM SPSS Analytic...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty may affect IBM SPSS Analytic Server

Summary Multiple vulnerabilities in WebSphere Application Server Liberty may affect IBM SPSS Analytic Server CVE-2024-7254, CVE-2023-50314 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|-...

Security Bulletin: IBM SPSS Analytic Server is affected by netty vulnerability (CVE-2024-29025)

Summary IBM SPSS Analytic Server uses netty-codec-http-4.1.100.Final.jar which is vulnerable to CVE-2024-29025. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is an asynchronous event-driven network...

Security Bulletin: Multiple vulnerabilities may affect IBM SPSS Analytic Server

Summary Multiple vulnerabilities in IBM WebSphere Application Server Liberty were addressed in IBM SPSS Analytic Server. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM SPSS Analyt...