High Severity

IBM Security Bulletin: Multiple OpenSource Expat XML Vulnerabilities affect IBM DB2 Net Search Extender for Linux, Unix and Windows

Share this post:

There are multiple vulnerabilities in open source expat XML parser that is used in DB2 Net Search Extender.

CVE(s): CVE-2012-0876, CVE-2012-1147, CVE-2012-1148, CVE-2015-1283, CVE-2015-2716, CVE-2016-4472, CVE-2016-0718, CVE-2016-5300

Affected product(s) and affected version(s):

DB2 Net Search Extender V9.7, V10.1, V10.5 and V11.1 for all supported platforms

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21992933
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73868
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/104964
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103214
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114683
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113408
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114435

More stories

Security Bulletin: This Power System update is being released to address CVE 2020-25705

Dec 2, 2021 7:02 pm EST | High Severity

POWER9: In response to security issues with BMC's UDP network service, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-25705. ...read more


Security Bulletin: This Power System update is being released to address CVE 2020-1971

Dec 2, 2021 7:02 pm EST | High Severity

POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-1971. ...read more


Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus v10 (CVE-2021-37713)

Dec 2, 2021 7:01 pm EST | High Severity

IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. ...read more