Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)

Share this post:

IBM® Db2® could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242356

More stories

Security Bulletin: A vulnerability in IBM Java Runtime affects SPSS Collaboration and Deployment Services (CVE-2022-21496)

September 28, 2022 | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by SPSS Collaboration and Deployment Services. This issue has been addressed. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

September 28, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. ...read more


Security Bulletin: Vulnerabilities in IBM Semeru Runtime affect SPSS Collaboration and Deployment Services (CVE-2022-21496, CVE-2022-21426)

September 28, 2022 | Medium Severity

There are vulnerabilities in IBM® Semeru Runtime Open Edition 11 used by SPSS Collaboration and Deployment Services. The issues have been addressed. ...read more