Lucene search
+L

229 matches found

ibm
ibm
added 2026/02/25 4:28 p.m.16 views

Security Bulletin: Multiple vulnerabilities in DataStage on Cloud Pak for Data

Summary DataStage on Cloud Pak for Data is vulnerable to multiple software vulnerabilities due to open source packages. Vulnerability Details CVEID:CVE-2025-61724 DESCRIPTION: The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the...

8.6CVSS7AI score0.00705EPSS
Exploits8Affected Software1
redhatcve
redhatcve
added 2026/02/19 1:27 a.m.5 views

CVE-2025-13691

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

8.1CVSS5.5AI score0.0029EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/02/19 1:27 a.m.7 views

CVE-2025-13689

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads...

8.8CVSS5.9AI score0.00542EPSS
Exploits0References1
nvd
nvd
added 2026/02/17 11:16 p.m.17 views

CVE-2025-13689

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads...

8.8CVSS0.00542EPSS
Exploits0References1
osv
osv
added 2026/02/17 11:16 p.m.8 views

CVE-2025-13689

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads...

8.8CVSS6AI score0.00542EPSS
Exploits0References1
cvelist
cvelist
added 2026/02/17 10:26 p.m.31 views

CVE-2025-13689 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads...

8.8CVSS0.00542EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/02/17 10:26 p.m.5 views

CVE-2025-13689

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads...

8.8CVSS5.9AI score0.00542EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/02/17 9:22 p.m.5 views

CVE-2025-13691

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

6.5CVSS5.8AI score0.0029EPSS
Exploits0References1
nvd
nvd
added 2026/02/17 9:22 p.m.9 views

CVE-2025-13691

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

8.1CVSS0.0029EPSS
Exploits0References1
cve
cve
added 2026/02/17 8:17 p.m.25 views

CVE-2025-13691

CVE-2025-13691 affects IBM DataStage on Cloud Pak for Data versions 5.1.2–5.3.0. The issue arises from HTTP processing that returns sensitive information in responses, which could be used to impersonate other users. IBM’s bulletin cites CVSS v3.1 base score 8.1 (high) with impact on confidentiali...

8.1CVSS5.5AI score0.0029EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/02/17 8:17 p.m.4 views

CVE-2025-13691

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

8.1CVSS5.5AI score0.0029EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/02/17 8:17 p.m.4 views

CVE-2025-13691 DataStage on Cloud Pak for Data is vulnerable to sensitive information leaks due to HTTP processing

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

8.1CVSS5.5AI score0.0029EPSS
Exploits0References1
cvelist
cvelist
added 2026/02/17 8:17 p.m.30 views

CVE-2025-13691 DataStage on Cloud Pak for Data is vulnerable to sensitive information leaks due to HTTP processing

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...

8.1CVSS0.0029EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/02/17 12:0 a.m.6 views

PT-2026-20226

Name of the Vulnerable Software and Affected Versions IBM DataStage on Cloud Pak for Data versions 5.1.2 through 5.3.0 Description IBM DataStage on Cloud Pak for Data returns sensitive information in an HTTP response. This information could potentially be used to impersonate other users within th...

8.1CVSS5.4AI score0.0029EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/02/17 12:0 a.m.12 views

IBM DataStage on Cloud Pak for Data 代码问题漏洞

IBM DataStage on Cloud Pak for Data is an enterprise-level data integration solution provided by IBM Corporation. There is a code vulnerability in IBM DataStage on Cloud Pak for Data, which stems from unlimited file uploads. This vulnerability could allow authenticated users to execute arbitrary...

8.8CVSS6.1AI score0.00542EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/02/17 12:0 a.m.9 views

IBM DataStage on Cloud Pak for Data 安全漏洞

IBM DataStage on Cloud Pak for Data is an enterprise-level data integration solution provided by International Business Machines IBM. Versions 5.1.2 to 5.3.0 of IBM DataStage on Cloud Pak for Data contain security vulnerabilities. These vulnerabilities stem from the return of sensitive informatio...

8.1CVSS5.8AI score0.0029EPSS
Exploits0References1
ibm
ibm
added 2026/02/06 2:41 p.m.7 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to sensitive information leaks due to HTTP processing (CVE-2025-13691)

Summary HTTP processing is used by DataStage on Cloud Pak for Data as part of the overall request processing. Vulnerability Details CVEID:CVE-2025-13691 DESCRIPTION: IBM DataStage on Cloud Pak for Data returns sensitive information in an HTTP response that could be used to impersonate other users...

8.1CVSS5.4AI score0.0029EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/01/09 9:15 a.m.9 views

CVE-2022-38714

IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060...

4.9CVSS5.8AI score0.00589EPSS
Exploits0References1
ibm
ibm
added 2025/12/08 11:2 p.m.6 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to request smuggling due to the Netty package (CVE-2025-58056)

Summary Netty is used by DataStage on Cloud Pak for Data as part of the event processing functionality. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and...

7.5CVSS6.6AI score0.00631EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/11/14 3:50 p.m.5 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to denial of service due to the netty package (CVE-2025-58057)

Summary Netty is used by DataStage on Cloud Pak for Data as part of the request processing functionality. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
Rows per page
Query Builder