Latest on Third-party Zero-Day Vulnerability Updates | Informatica

Compliance
Security
Policy
Informatica Home
Status
More
- Manage your Success Plans and Engagements, gain key insights into your implementation journey, and collaborate with your CSMs
  
  Manage your Success Plans and Engagements, gain key insights into your implementation journey, and collaborate with your CSMs
  
  Customer Experience Accelerators
  
  Accelerate your Purchase to Value by engaging with Informatica for Customer Success
  
  My Engagements
  
  All your Engagements at one place
- A collaborative platform to connect and grow with like-minded Informaticans across the globe
  
  A collaborative platform to connect and grow with like-minded Informaticans across the globe
  
  Product Communities
  
  Connect and collaborate with Informatica experts and champions
  
  Discussions
  
  Have a question? Start a Discussion and get immediate answers you are looking for
  
  User Groups
  
  Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
  
  Get Started
  
  Community Guidelines
- Troubleshooting documents, product guides, how to videos, best practices, and more
  
  Troubleshooting documents, product guides, how to videos, best practices, and more
  
  Knowledge Base
  
  One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
  
  Support TV
  
  Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
  
  Documentation
  
  Information library of the latest product documents
  
  Velocity (Best Practices)
  
  Best practices and use cases from the Implementation team
- Rich resources to help you leverage full capabilities of our products
  
  Rich resources to help you leverage full capabilities of our products
  
  Trainings
  
  Role-based training programs for the best ROI
  
  Certifications
  
  Get certified on Informatica products. Free, Foundation, or Professional
  
  Product Learning Paths
  
  Free and unlimited modules based on your expertise level and journey
  
  Experience Lounge
  
  Self-guided, intuitive experience platform for outcome-focused product capabilities and use cases
- Library of content to help you leverage the best of Informatica products
  
  Library of content to help you leverage the best of Informatica products
  
  Tech Tuesdays Webinars
  
  Most popular webinars on product architecture, best practices, and more
  
  Product Availability Matrix
  
  Product Availability Matrix statements of Informatica products
  
  SupportFlash
  
  Monthly support newsletter
  
  Support Documents
  
  Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
  
  Product Lifecycle
  
  End of Life statements of Informatica products
  
  Pulse
  
  Monitor the status of your Informatica services across regions
  
  Events
  
  Change Request Tracking
  
  Marketplace
  
  Trust Platform

What do we do once we become aware of.

Our dedicated team of experts immediately initiates a comprehensive investigation upon discovering potential vulnerabilities. This involves rigorous testing, analysis, and collaboration across departments to assess the scope and severity of the vulnerability accurately.

Once identified, our team swiftly implements appropriate measures to address and mitigate the identified vulnerabilities. These measures may include patches, updates, or other remediation actions to safeguard our platform and users' data.

Furthermore, we are committed to transparency and accountability in our security practices. As such, we will provide our users with timely updates and notifications regarding any identified vulnerabilities, other statements, and the corresponding remediation efforts.

Below are Informatica's Responses to recently published 3rd party identified vulnerabilities

NPM Package Vulerabilities Attestation- Oct-2025

Israel-Iran Conflict - 2025

Spring-Library-Feb2025 Major Release CVE Information - Oct -2024

Palo Alto Command Injection Impacting PAN-OS- Apl-2024

Geopolitical Ukraine-Russia Conflict- Mar-2022

Salesloft- Drift-Attestation - SEP -2025

Java FX & Libxml2 - Vulnerabilities - March - 2025

Spring Framework URL Vulnerability- Mar-2024

Leaky Vessels - Jan-2024

Apache Struts-2 Zero-day Vulnerability- Dec-2023

Salesloft- Drift-Notice - AUG -2025

Apache Tomcat - Vulnerabilities - 9.0 DOS Vulnerability Update- AUG -2025

Spring Framework - Path -Traversal - April -2025

Informatica-Snowflake-Response-Jun-2024

Rapid Reset (DOS) Vulnerability- Oct-2023

Salesloft- Drift- FAQ - SEP 2025

Oracle Cloud Infra Data Breach News - March - 2025

India-Pakistan Conflict - 2025

Microsoft CrowdStrike - Jul-2024

Progress Software - MOVEit Vulnerability- Oct-2023

Apache Tomcat - Vulnerabilities - Updated - April -2025

Spring Library - Feb 2025 Major Release Attestation - Oct -2024

IDMC Credential Leak- Feb-2024

Okta Support Incident - Nov-2023

Java ECDSA Vulnerability- May-2022