High Severity

Security Bulletin: IBM Informix Dynamic Server is affected to denial of service due to FasterXML jackson-databind (CVE-2020-36518)

Share this post:

There is a denial of service vulnerability in FasterXML jackson-databind (CVE-2020-36518) open source library included in IBM Informix Dynamic Server for IBM InformixHQ. FasterXML jackson-databind 2.13.2.2 resolves the vulnerability.

CVE(s): CVE-2020-36518

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Informix Dynamic Server 14.10.x
IBM Informix Dynamic Server 12.10.x

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6579513
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/222319

More stories

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022

July 1, 2022 | High Severity

In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. ...read more


Security Bulletin: Remote code execution vulnerability affect IBM Business Automation Workflow – CVE-2021-43138

July 1, 2022 | High Severity

IBM Business Automation Workflow is vulnerable to a remote code execution attack. ...read more


Security Bulletin: Vulnerabilities in Samba, OpenSSL, Python, and XStream affect IBM Spectrum Protect Plus (CVE-2021-20254, CVE-2021-3712, CVE-2021-43859, CVE-2022-0778, CVE-2020-25717, CVE-2021-23192, CVE-2021-3733)

June 30, 2022 | High Severity

Vulnerabilities in Samba, OpenSSL, Python, and XStream may affect IBM Spectrum Protect Plus. These vulnerabilities include bypassing security restrictions, obtaining sensitive information, denial of service, and elevation of privileges. ...read more