CVE-2025-1333
published 2025-05-01CVE-2025-1333: IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10 and configured with Cloud Pak for Integration Keycloak could disclose sensitive information to a privileged user.
Affected
127 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 9001 | copyparty | >= 0 < 1.18.9 | 1.18.9 |
| babel | helpers | >= 0 < 7.26.10 | 7.26.10 |
| babel | helpers | >= 8.0.0-alpha.0 < 8.0.0-alpha.17 | 8.0.0-alpha.17 |
| babel | runtime | >= 0 < 7.26.10 | 7.26.10 |
| babel | runtime | >= 8.0.0-alpha.0 < 8.0.0-alpha.17 | 8.0.0-alpha.17 |
| babel | runtime-corejs2 | >= 0 < 7.26.10 | 7.26.10 |
| babel | runtime-corejs2 | >= 8.0.0-alpha.0 < 8.0.0-alpha.17 | 8.0.0-alpha.17 |
| babel | runtime-corejs3 | >= 0 < 7.26.10 | 7.26.10 |
| babel | runtime-corejs3 | >= 8.0.0-alpha.0 < 8.0.0-alpha.17 | 8.0.0-alpha.17 |
| devrafalko | string-math | 0 – 1.2.2 | — |
| facelessuser | pymdown-extensions | >= 0 < 10.16.1 | 10.16.1 |
| github.com | apache_trafficcontrol_v8 | 0 – 8.0.2 | — |
| huggingface | transformers | >= 0 < 4.50.0 | 4.50.0 |
| huggingface | transformers | >= 0 < 4.53.0 | 4.53.0 |
| huggingface | transformers | >= 0 < 4.52.1 | 4.52.1 |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | — | — |
| ibm | mq_operator | 2.0.0 – 2.0.29 | — |
| ibm | mq_operator | 2.0.0 LTS – 2.0.29 LTS | — |