High Severity

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-11655, CVE-2020-11656)

Share this post:

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object’s initialization is mishandled. Or the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.2
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.1
IBM Cloud Application Performance Management – Response Time Monitoring Agent 8.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6258179

More stories

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jul 2020

Oct 22, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3 and IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.4 to 4.1.0.5. These issues were disclosed as part of the IBM Java SDK updates in July 2020. ...read more


Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Oct 22, 2020 8:00 pm EDT | High Severity

IBM Security Guardium has fixed this vulnerability ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Oct 22, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. ...read more