8 matches found
EUVD-2025-209974
IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting XSS. This vulnerability allows a remote attacker to inject arbitrary JavaScript code into the web user interface, which may alter the intended...
CVE-2025-3633
IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting XSS. This vulnerability allows a remote attacker to inject arbitrary JavaScript code into the web user interface, which may alter the intended...
CVE-2025-3633 IBM Cognos Analytics is affected by multiple security vulnerabilities
IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting XSS. This vulnerability allows a remote attacker to inject arbitrary JavaScript code into the web user interface, which may alter the intended...
Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™
Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Transformer. Vulnerability Details CVEID:CVE-2024-21131 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low integrity impact. CVSS Source: IBM X-For...
Security Bulletin: IBM Cognos Transformer has addressed a vulnerability in FreeType (CVE-2025-27363)
Summary IBM Cognos Transformer is considered affected by an arbitrary code execution in FreeType CVE-2025-27363. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attemptin...
Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™ and Bouncy Castle Crypto Package For Java
Summary There are vulnerabilities in IBM® Java™ and Bouncy Castle Crypto Package For Java consumed by IBM Cognos Transformer. For more information about the vulnerability impact, refer to the table in the "Related Information" section. This Security Bulletin relates only to third-party components...
Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™
Summary Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE...
Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities
Summary There are vulnerabilities in Apache Xalan, Apache Commons Codec, IBM® Java™ Version 8, and OpenSSL that are consumed by IBM Cognos Transformer. These have been addressed by upgrading or removing the vulnerable libraries. Please refer to the table in the Related Information section for...