High Severity

Security Bulletin: CSV Injection (CVE-2019-4490)

Share this post:

Maliciously crafted data in UCD could generate a malicious csv download file, when opened with certain unpactched 3rd party tools.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
UCD – IBM UrbanCode Deploy All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1107249

More stories

Security Bulletin: Multiple Vulnerabilities identified in IBM StoredIQ

Feb 20, 2020 7:00 pm EST | High Severity

Multiple vulnerabilities in bundled software packages affect IBM StoredIQ. IBM StoredIQ has addressed the applicable CVEs. ...read more

Security Bulletin: SQL Injection Affects IBM Emptoris Spend Analysis (CVE-2019-4752)

Feb 19, 2020 7:01 pm EST | High Severity

SQL Injection affects IBM Emptoris Spend Analysis. ...read more