Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by an Uncontrolled Recursion Vulnerability in Connect2id Nimbus JOSE + JWT (CVE-2025-53864)
Summary Connect2id Nimbus JOSE + JWT is used by IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) as part of integrating with OpenID Connect providers (OIDC) and is affected by an Uncontrolled Recursion Vulnerability (CVE-2025-53864). Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial Of Service Vulnerability in Apache Tomcat (CVE-2025-52520)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial Of Service Vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.8, 10.1.42, 9.0.106. Vulnerability Details CVEID:CVE-2025-52520 DESCRIPTION: For some unlikely configurations of multipart upload, an...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale and the Management GUI are now included (CVE-2025-49146)
Summary The following vulnerabilities that can affect IBM Storage Scale and the Management GUI and could provide weaker than expected security are now fixed (CVE-2025-49146). Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source PostgreSQL JDBC Driver. From 42.7.4 and unt...
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 2 of 2)
Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-33092 DESCRIPTION: IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is...
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 1 of 2)
Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache PO...
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility (CVE-2025-21587)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Installation Manager and IBM Packaging Utility. The issues have been addressed in an update. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serve...
Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.
Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components: CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 and CVE-2025-30754. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Jav...
Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to Improper Input Validation (CVE-2025-31672)
Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the improper input validation security vulnerability. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to insecure connections due to the redshift package (CVE-2025-5279)
Summary Redshift is used by DataStage on Cloud Pak for Data as part of the dataset processing functionality. Vulnerability Details CVEID:CVE-2025-5279 DESCRIPTION: When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SS...
Security Bulletin: DataStage on Cloud Pak for Data has several vulnerabilities due to the libxml2 package (CVE-2025-27113, CVE-2025-32414, CVE-2025-32415)
Summary libxml2 is used by DataStage on Cloud Pak for Data as part of XML processing. Vulnerability Details CVEID:CVE-2025-27113 DESCRIPTION: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CWE:CWE-476: NULL Pointer Dereference CVSS...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to stack overflows due to the unixODBC package (CVE-2024-1013)
Summary unixODBC is used by DataStage on Cloud Pak for Data as part of database communication. Vulnerability Details CVEID:CVE-2024-1013 DESCRIPTION: An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to buffer overflow due to the zlib package (CVE-2023-45853)
Summary Zlib is used by DataStage on Cloud Pak for Data as part of buffer compression functionality. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename,...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to a use-after-free vulnerability due to the libxml2 package (CVE-2025-49794)
Summary libxml2 is used by DataStage on Cloud Pak for Data as part of XML processing. Vulnerability Details CVEID:CVE-2025-49794 DESCRIPTION: A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to stack overwrite due to the libcurl package (CVE-2024-6197)
Summary libcurl is used by DataStage on Cloud Pak for Data as part of API communication. Vulnerability Details CVEID:CVE-2024-6197 DESCRIPTION: libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. It can detect an invalid field and return error. Unfortunately...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to improper access control due to the Apache Commons package (CVE-2025-48734)
Summary Apache Commons is used by DataStage on Cloud Pak for Data as part of Java utility functionality. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used t...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to prototype pollution due to the minimist package (CVE-2021-44906)
Summary Minimist is used by DataStage on Cloud Pak for Data as part of the command-line parsing functionality. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey (lines 69-95). CWE:CWE-1321: Improperly...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to plaintext token modification due to the krb5 package (CVE-2024-37370)
Summary krb5 is used by DataStage on Cloud Pak for Data as part of network authentication. Vulnerability Details CVEID:CVE-2024-37370 DESCRIPTION: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to out of bounds memory access due to the libarchive package (CVE-2024-37407)
Summary Libarchive is used by DataStage on Cloud Pak for Data as part of archive/compression functionality. Vulnerability Details CVEID:CVE-2024-37407 DESCRIPTION: Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occur...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container (ACEcc) is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.15 LTS and 12.15.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
Security Bulletin: Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code, which affects IBM watsonx.data
Summary Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to...
Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 23 (4.2.0.23)
Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 23 (4.2.0.23). Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high...
Security Bulletin: Vulnerability in snowflake-jdbc affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary IBM watsonx Orchestrate with watsonx Assistant Cartridge contains a vulnerable version of snowflake-jdbc. Vulnerability Details CVEID:CVE-2025-24789 DESCRIPTION: Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing a Java program to connect to Snowflake...
Security Bulletin: Vulnerability in libsoup affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary IBM watsonx Orchestrate with watsonx Assistant Cartridge contains a vulnerable version of libsoup. Vulnerability Details CVEID:CVE-2025-4948 DESCRIPTION: A flaw was found in the soup_multipart_new_from_message function of the libsoup HTTP library, which is commonly used by GNOME and other...
Security Bulletin: Buffer Mismanagement on Gzip Error in Eclipse Jetty (9.4.0–9.4.56) May Lead to Data Corruption or Leakage
Summary In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests. Vulnerability Details CVEID:CVE-2024-13009 DESCRIPTION: In...
Security Bulletin: Insufficiently Random Values in form-data (lib/form_data.js) Leads to HTTP Parameter Pollution (HPP) – Affects versions <2.5.4, 3.0.0–3.0.3, and 4.0.0–4.0.3
Summary Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program file lib/form_data.js. This issue affects form-data: <2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION...
Security Bulletin: EndpointRequest.to() creates a matcher for null/** if the actuator endpoint is disabled or not exposed, which affects IBM watsonx.data
Summary EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security; EndpointRequest.to() has been used i...
Security Bulletin: In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body, which affects IBM watsonx.data
Summary In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests. These can affect watsonx.data. Vulnerability Details...
Security Bulletin: A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, which affects IBM watsonx.data
Summary A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-27820 DESCRIPTION: A bug in PSL validation...
Security Bulletin: An unspecified vulnerability in Java SE related to the Server, which affects IBM watsonx.data
Summary An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java S...
Security Bulletin: Malformed Token Parsing Vulnerability Leads to Unexpected Memory Consumption, which affects IBM watsonx.data
Summary An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected memory to be...
Security Bulletin: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows security constraint bypass, which affects IBM watsonx.data
Summary Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from...
Security Bulletin: Tornado multipart/form-data Parser Vulnerability Enables Log-Based DoS Attack (Pre-6.5.0), which affects IBM watsonx.data
Summary Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs,...
Security Bulletin: A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1, which affects IBM watsonx.data
Summary setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the...
Security Bulletin: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS, which affects IBM watsonx.data
Summary Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the...
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.
Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0. Vulnerability Details CVEID:CVE-2015-5305 DESCRIPTION: Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted...
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.
Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0. Vulnerability Details CVEID:CVE-2025-33102 DESCRIPTION: IBM Concert Software uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE:CWE-327:...
Security Bulletin: SSH servers which implement file transfer protocols are vulnerable, which affects IBM watsonx.data
Summary SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. These can affect watsonx.data. Vulnerability Detail...
Security Bulletin: React Router ≤ 7.5.1 Vulnerability Allows SPA Forcing and Cache Poisoning in SSR Applications, which affects IBM watsonx.data
Summary React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrup...
Security Bulletin: This vulnerability can lead to cache poisoning, data exposure, session manipulation, etc , which affects IBM watsonx.data
Summary Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default fallback method of 'Content-Length,' making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tornado-6.4.2-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl CVE-2025-47287
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to tornado-6.4.2-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (CVE-2025-47287). This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service [CVE-2025-7338] and loss of confidentiality [CVE-2025-36133]
Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service and loss of confidentiality. This bulletin provides patch information to address the reported vulnerabilities in the DesignerAuthoring component. CVE-2025-7338 CVE-2025-36133...
Security Bulletin: Due to use of Connect2id Nimbus JOSE+JWT, IBM Watson Studio in Cloud Pak for Data is affected by denial of service
Summary Connect2id Nimbus JOSE+JWT is used by Watson Studio in Cloud Pak for Data. Vulnerability Details CVEID:CVE-2023-52428 DESCRIPTION: In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource consumption via a large JWE p2c header value aka iteration cou...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to data processing errors [CVE-2025-7339]
Summary Node.js module on-headers is used by IBM App Connect Enterprise Certified Container for processing HTTP requests. IBM App Connect Enterprise Certified Container operands are vulnerable to data processing errors. This bulletin provides patch information to address the reported vulnerabilit...
Security Bulletin: A vulnerability in axios may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2024-57965)
Summary There is a vulnerability in axios used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-57965 DESCRIPTION: In axios before 1.7.8,...
Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality
Summary Golang net and crypto packages are used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the report...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.48.0-py3-none-any.whl CVE-2025-2099
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.48.0-py3-none-any.whl (CVE-2025-2099). This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-2099 DESCRIPTION: A vulnerability in the preprocess_string...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to setuptools-72.1.0-py3-none-any.whl CVE-2025-47273
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to setuptools-72.1.0-py3-none-any.whl (CVE-2025-47273). This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-47273 DESCRIPTION: setuptools is a package that allows users...
Security Bulletin: A vulnerability in DOMPurify may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2025-48050)
Summary There is a vulnerability in DOMPurify used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before 6bc6d60,...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2025-21587, CVE-2025-30698, CVE-2025-2900 and CVE-2025-4447)
Summary There are multiple vulnerabilities in IBM® Semeru Runtime Version 17 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified...
Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to cross-site scripting attacks (CVE-2025-27793)
Summary There is a vulnerability in Vega used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-27793 DESCRIPTION: Vega is a visualization grammar, a declarative form...