CVE-2023-35895 – IBM Informix JDBC code execution

https://notcve.org/view.php?id=CVE-2023-35895

20 Dec 2023 — IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116. IBM Informix JDBC Driver 4.10 y 4.50 es susceptible a ataques de ejecución remota de código mediante inyección JNDI al pasar un argumento no marcado a una determinada API. ID de IBM X-Force: 259116. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259116 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •