CVE-2025-1000
published 2025-05-05CVE-2025-1000: IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1
could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | authzed_spicedb | >= 0 < 1.45.2 | 1.45.2 |
| chrome_chrome | — | — | |
| ibm | db2 | 11.5 – 11.5.9 | — |
| ibm | db2 | 12.1.0 – 12.1.1 | — |
| msrc | windows_security_app | — | — |
| qs_project | qs | >= 0 < 6.14.1 | 6.14.1 |