468 matches found
Security Bulletin: A vulnerability in Apache Commons Lang may affect IBM Jazz Reporting Service (CVE-2025-48924)
Summary Apache Commons Lang is used by IBM Jazz Reporting Service. IBM Jazz Reporting Service has addressed the applicable CVE CVE-2025-48924. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lan...
Security Bulletin: A vulnerability in Apache Commons FileUpload may affect IBM Jazz Reporting Service (CVE-2025-48976)
Summary Apache Commons FileUpload is used by IBM Jazz Reporting Service. IBM Jazz Reporting Service has addressed the applicable CVECVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS...
Security Bulletin: IBM Jazz Reporting Service (Lifecycle Query Engine - LQE) is affected by SPARQL Exposure and Denial‑of‑Service Vulnerabilities.
Summary Multiple vulnerabilities were identified in IBM Jazz Reporting Service Lifecycle Query Engine - LQE SPARQL endpoints that may allow information disclosure and service degradation by authenticated, lower‑privileged users with network access CVE-2025-27550, CVE-2025-2134, CVE-2025-1823...
CVE-2025-1823
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-27550
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...
CVE-2025-1823
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...
CVE-2025-27550
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...
CVE-2025-1823
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...
EUVD-2025-206775
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134
IBM Jazz Reporting Service (Lifecycle Query Engine, LQE) is affected by CVE-2025-2134. The issue is caused by insufficient resource pooling, allowing an authenticated user on the network to affect system performance through complex queries. Affected versions include IBM Jazz Reporting Service 7.1...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134 IBM Jazz Reporting Service Denial of Service
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-27550 IBM Jazz Reporting Service Information Disclosure
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...
CVE-2025-27550
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...
EUVD-2025-206774
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...
CVE-2025-27550
CVE-2025-27550 concerns IBM Jazz Reporting Service (LQE). The issue: an authenticated user on the host network could obtain sensitive information about other projects resident on the server, indicating an information-disclosure vulnerability. IBM bulletin details affected products/versions and fi...
CVE-2025-27550 IBM Jazz Reporting Service Information Disclosure
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server...