Db2 Security Vulnerabilities and Issues — Db2 CVE List

Lucene search

IbmDb2

6 matches found

CVE•added 2021/06/24 7:15 p.m.•86 views

CVE-2021-20579

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID: 199283.

6.5CVSS6.8AI score0.00355EPSS

CVE•added 2021/06/24 7:15 p.m.•80 views

CVE-2021-29703

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.

7.5CVSS7.2AI score0.00642EPSS

CVE•added 2021/06/24 7:15 p.m.•79 views

CVE-2021-29777

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.

6.5CVSS6.5AI score0.00414EPSS

CVE•added 2021/06/24 7:15 p.m.•66 views

CVE-2020-4885

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.

6.2CVSS5.6AI score0.00153EPSS

CVE•added 2021/06/24 7:15 p.m.•60 views

CVE-2020-4945

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. IBM X-Force ID: 191945.

8.1CVSS7.6AI score0.00159EPSS

CVE•added 2021/06/16 5:15 p.m.•42 views

CVE-2021-29702

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.

7.5CVSS7.2AI score0.00755EPSS