CVE-2023-38728
published 2023-10-16CVE-2023-38728: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | >= 11.5 < 11.5.8 | 11.5.8 |