VYPR

Db2 JDBC Driver

by IBM

CVEs (3)

  • CVE-2023-27869MedJul 10, 2023
    risk 0.41cvss 6.3epss 0.01

    IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property,…

  • CVE-2023-27868MedJul 10, 2023
    risk 0.41cvss 6.3epss 0.01

    IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request…

  • CVE-2023-27867MedJul 10, 2023
    risk 0.41cvss 6.3epss 0.01

    IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could…