CVE-2025-33131

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 87.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 High Performance Unload Load IBM DB2 High Performance Unload

Timeline

PublishedOct 28

Description

IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/db2_high_performance_unload_load5.1.0.0 — 6.1.0.0+4

▶CVEListV5ibm/db2_high_performance_unload8 versions+7

🔴Vulnerability Details

GHSA

GHSA-v9x9-gr2p-9wq7: IBM DB2 High Performance Unload 6↗2025-10-28

▶

CVEList

Fixes to common vulnerabilities found in IBM Db2 High Performance Unload↗2025-10-27

▶