Security Bulletin: IBM Terracotta is affected by an Apache Avro vulnerability that could allow code injection leading to access to unauthorized resources

Summary IBM Terracotta uses Apache Avro as part of Apache Parquet used within the IBM Terracotta implementation for data export and import. Vulnerability Details CVEID:CVE-2025-33042 DESCRIPTION: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when...

Security Bulletin: Ehcache library of IBM Terracotta hash flooding DoS vulnerability

Summary The Ehcache 3.x component library of IBM Terracotta was found to have a hash flooding DoS vulnerability that can affect applications that use cache keys directly sourced from end users. Vulnerability Details CVEID:CVE-2025-2529 DESCRIPTION: Applications using affected versions of Ehcache...

IBM Terracotta 安全漏洞

IBM Terracotta is a suite of distributed in-memory data management software from International Business Machines IBM. A security vulnerability exists in IBM Terracotta version 3.x that stems from unfiltered or unsalted handling of externally sourced keys, which could result in degraded cache writ...