Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Json-smart

Summary A vulnerability has been identified in Json-smart library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-1370 DESCRIPTION:Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON...

Security Bulletin: A vulnerability in Apache Commons FileUpload may affect IBM Jazz Reporting Service (CVE-2025-48976)

Summary Apache Commons FileUpload is used by IBM Jazz Reporting Service. IBM Jazz Reporting Service has addressed the applicable CVECVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS...

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT serve...

CVE-2025-27550

IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...

CVE-2025-2134

IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...

CVE-2025-2134 IBM Jazz Reporting Service Denial of Service

IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...

CVE-2025-2134

IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...

CVE-2025-27550

IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...

CVE-2025-27550 IBM Jazz Reporting Service Information Disclosure

IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...

CVE-2025-1823

IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...

CVE-2025-1823 IBM Jazz Reporting Service Denial of Service

IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...

CVE-2025-1823 IBM Jazz Reporting Service Denial of Service

IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...

IBM Jazz Reporting Service 安全漏洞

The IBM Jazz Reporting Service JRS is a ready-to-use reporting component developed by the American multinational company IBM. This product includes functions such as report generation, data collection, and lifecycle queries. There is a security vulnerability in the IBM Jazz Reporting Service, whi...

CVE-2025-15395

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...

CVE-2025-15395

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...

CVE-2025-15395

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...

CVE-2025-15395 IBM Jazz Foundation access control violation

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...

CVE-2025-15395

CVE-2025-15395 affects IBM Engineering Lifecycle Management - Jazz Foundation. The vulnerability is an access control violation in Jazz Foundation components: IBM Jazz Foundation 7.0.3 with iFix019 and 7.1.0 with iFix005. Root cause details are not expanded beyond the access-control bypass in the...

CVE-2025-15395 IBM Jazz Foundation access control violation

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...

EUVD-2025-206601

IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability...