IBM Db2 On Cloud Pak For Data


By the Year

In 2026 there have been 3 vulnerabilities in IBM Db2 On Cloud Pak For Data with an average score of 5.9 out of ten. Db2 On Cloud Pak For Data did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.

| Year | Vulnerabilities | Average Score |
|------|-----------------|---------------|
| 2026 | 3 | 5.93 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 6.50 |

It may take a day or so for new Db2 On Cloud Pak For Data vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent IBM Db2 On Cloud Pak For Data Security Vulnerabilities

IBM Db2 on Cloud Pak for Data <=5.3: Authenticated MITM bypass of client-side validation
CVE-2023-33854 5.3 - Medium - June 22, 2026

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man-in-the-middle techniques.

Authentication Bypass by Capture-replay

IBM Db2 on Cloud Pak for Data 4.8-5.3 Privileged Token Validation Flaw
CVE-2025-2669 6 - Medium - June 22, 2026

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.

Improper Certificate Validation

IBM Db2 on Cloud Pak for Data <5.3 - Authenticated DoS on DB creation
CVE-2024-54178 6.5 - Medium - June 22, 2026

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.

Allocation of Resources Without Limits or Throttling

IBM Db2U 3.5-4.5 CSRF: Unauthorized Action Exploitation
CVE-2022-41297 6.5 - Medium - December 01, 2022

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237212.

Session Riding
