High Severity

Security Bulletin: Vulnerabilities in Golang Go, PostgreSQL, jQuery, and Google Gson may affect IBM Spectrum Copy Data Management

Share this post:

Vulnerabilities in Golang Go, PostgreSQL, jQuery, and Google Gson such as denial of service, bypassing security restrictions, obtaining sensitive information, cross-site scripting, and execution of arbitrary code may affect IBM Spectrum Copy Data Management.

CVE(s): CVE-2022-24675, CVE-2022-1552, CVE-2022-29526, CVE-2022-31160, CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634, CVE-2021-3677, IBM X-Force ID:   217225

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Copy Data Management 2.2.0.0-2.2.16.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6619905
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226521
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229593
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/231462
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229857
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229858
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229859
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229860
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221070

More stories

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

September 22, 2022 | High Severity

There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. ...read more


Security Bulletin: A spoofing vulnerablity due to an exposure in Eclipse Paho used by IBM WebSphere Application Server Liberty affects TXSeries for Multiplatforms

September 22, 2022 | High Severity

TXSeries for Multiplatforms has addressed the following identity spoofing vulnerability in Eclipse Paho reported by IBM® WebSphere Application Server Liberty ...read more


Security Bulletin: IBM CICS TX Advanced is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)

September 22, 2022 | High Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more