High Severity
Security Bulletin: IBM Informix Dynamic Server is affected to denial of service due to FasterXML jackson-databind (CVE-2020-36518)
May 3, 2022
Categorized: High Severity
Share this post:
There is a denial of service vulnerability in FasterXML jackson-databind (CVE-2020-36518) open source library included in IBM Informix Dynamic Server for IBM InformixHQ. FasterXML jackson-databind 2.13.2.2 resolves the vulnerability.
CVE(s): CVE-2020-36518
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Informix Dynamic Server | 14.10.x |
| IBM Informix Dynamic Server | 12.10.x |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6579513
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/222319
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022
July 1, 2022 | High Severity
In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. ...read more
Security Bulletin: Remote code execution vulnerability affect IBM Business Automation Workflow – CVE-2021-43138
July 1, 2022 | High Severity
IBM Business Automation Workflow is vulnerable to a remote code execution attack. ...read more
Security Bulletin: Vulnerabilities in Samba, OpenSSL, Python, and XStream affect IBM Spectrum Protect Plus (CVE-2021-20254, CVE-2021-3712, CVE-2021-43859, CVE-2022-0778, CVE-2020-25717, CVE-2021-23192, CVE-2021-3733)
June 30, 2022 | High Severity
Vulnerabilities in Samba, OpenSSL, Python, and XStream may affect IBM Spectrum Protect Plus. These vulnerabilities include bypassing security restrictions, obtaining sensitive information, denial of service, and elevation of privileges. ...read more