Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Eclipse IDE versions

Summary Vulnerabilities have been identified in Eclipse IDE versions before 2023-09 4.29, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE versions 2023-09 4.29 some files with xml content are...

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Apache PDFBox

Summary Vulnerabilities have been identified in Apache PDFBox, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2021-27807 DESCRIPTION: A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue...

CVE-2016-0316

IBM Jazz Reporting Service’s Lifecycle Query Engine (LQE) is affected by CVE-2016-0316 (XSS). Affected products: Jazz Reporting Service 6.0 and 6.0.1; 6.0.1 is vulnerable to all listed issues, while 6.0.2 is affected by CVE-2016-0316. The vulnerability arises from improper validation of user-supp...

CVE-2016-0319

CVE-2016-0319 affects IBM Jazz Reporting Service (LQE) bundled with Jazz Reporting Service versions 6.0 and 6.0.1. The issue arises in the XML parser when processing XML data: an external entity declaration together with an entity reference enables a local authenticated administrator to read arbi...