5 matches found
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 Fix Pack 7. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.4 and 11.2.4 FP1. IBM WebSphere Liberty used in IBM Cognos Analytics is vulnerable to an HTTP Header Injection...
Security Bulletin: Vulnerability from Apache Calcite affect IBM Operations Analytics - Log Analysis (CVE-2022-39135)
Summary In Apache Calcite, the SQL operators do not restrict XML External Entity references in their configuration. This makes them vulnerable to a potential XML External Entity XXE attack. Vulnerability Details CVEID:CVE-2022-39135 DESCRIPTION: Apache Calcite is vulnerable to an XML external...
CVE-2022-39135 vulnerabilities
Vulnerabilities for packages: trino...
CVE-2022-39135 vulnerabilities
Vulnerabilities for packages: trino...
CVE-2022-39135 Apache Calcite: potential XEE attacks
Apache Calcite 1.22.0 introduced the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these operators,...