5 matches found
CVE-2022-41296
CVE-2022-41296 affects IBM Db2U on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data. Affected: Db2U 3.5–4.5 (releases 3.5 up to refresh 10, 4.0 up to refresh 9, 4.5 up to refresh 3). Root cause: cross-site request forgery allowing an attacker to perform malicious/unauthorized actions tr...
CVE-2023-42005
CVE-2023-42005 affects IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data (versions 3.5 through 4.8 with various refresh levels). The issue allows a user with access to a Kubernetes pod to make system calls, compromising container security. IBM’s remediation is to upgrade to th...
CVE-2025-2669
CVE-2025-2669 affects IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data (versions 4.8, 5.0, 5.1, 5.2, 5.3). The root cause is improper token validation, enabling a privileged user to perform operations and access sensitive information outside their authority. The available sou...
CVE-2024-54178
CVE-2024-54178 concerns IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data, affecting versions 4.8, 5.0, 5.1, 5.2, and 5.3. An authenticated user can cause a denial of service when creating new databases due to improper allocation of resources. The CVSS data indicates a Network...
CVE-2023-33854
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data are affected (versions 4.8, 5.0, 5.1, 5.2, 5.3). The issue allows an authenticated user to bypass client-side validation and manipulate input data via man-in-the-middle techniques. Underlying impact is HIGH for integrity, with ...