Db2 Warehouse on Cloud Pak for Data

CVEs (4)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2023-33854	IBM Db2 Warehouse on Cloud Pak for Data	—	—	Jun 22, 2026	IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques.
CVE-2025-2669	IBM Db2 Warehouse on Cloud Pak for Data	—	—	Jun 22, 2026	IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.
CVE-2024-54178	IBM Db2 Warehouse on Cloud Pak for Data	—	—	Jun 22, 2026	IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.
CVE-2023-42005	IBM Db2 Warehouse on Cloud Pak for Data	—	0.00	May 29, 2024	IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.

CVE-2023-33854Jun 22, 2026
IBM
Db2 Warehouse on Cloud Pak for Data
risk 0.00cvss —epss —
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques.
CVE-2025-2669Jun 22, 2026
IBM
Db2 Warehouse on Cloud Pak for Data
risk 0.00cvss —epss —
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.
CVE-2024-54178Jun 22, 2026
IBM
Db2 Warehouse on Cloud Pak for Data
risk 0.00cvss —epss —
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.
CVE-2023-42005May 29, 2024
IBM
Db2 Warehouse on Cloud Pak for Data
risk 0.00cvss —epss 0.00
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.