6 matches found
CVE-2024-39750
CVE-2024-39750 affects IBM Analytics Content Hub 2.0. The vulnerability is a buffer overflow caused by improper return length checking, which could allow a remote authenticated attacker to overflow a buffer and execute arbitrary code or crash the server. Remediation: upgrade IBM Analytics Content...
CVE-2024-35134
CVE-2024-35134 concerns IBM Analytics Content Hub 2.0 where a remote attacker could obtain sensitive information via detailed browser error messages. Affected: IBM Analytics Content Hub 2.0. Root cause: generation of detailed error messages that reveal sensitive info. Impact: information disclosu...
CVE-2024-37524
CVE-2024-37524 affects IBM Analytics Content Hub versions 2.0–2.3. The root cause is the return of a detailed technical error message in the browser, enabling an information disclosure vulnerability. The CVSS base score is 5.3 (Medium) with network attack vector and no user interaction required, ...
CVE-2024-38327
CVE-2024-38327 affects IBM Analytics Content Hub (versions 2.0–2.3). Affected component is the exposed JavaScript source map, which can enable information disclosure and potentially aid attacks by reading/debugging the API’s JavaScript. The reported impact is information exposure with potential f...
CVE-2025-36090
CVE-2025-36090 affects IBM Analytics Content Hub versions 2.0–2.3. The vulnerability stems from returning detailed technical error messages that disclose information about the application framework, enabling information disclosure that could aid reconnaissance for future attacks. Affected product...
CVE-2024-39752
IBM Analytics Content Hub 2.0–2.3 includes a vulnerability where uploaded files are not validated by type in Explore Content, enabling potential malicious executable uploads. The issue is documented with a high-severity CVSS indicating impact on confidentiality, integrity, and availability. Remed...