CVE-2025-36008
published 2025-11-07CVE-2025-36008: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper allocation of resources.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | 11.5.0 – 11.5.9 | — |
| ibm | db2 | 12.1.0 – 12.1.3 | — |
| msrc | azl3_hyperv-daemons_6.6.29.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_hyperv-daemons_6.6.35.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.29.1-5_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.35.1-4_on_azure_linux_3.0 | — | — |
| msrc | cbl2_hyperv-daemons_5.15.153.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hyperv-daemons_5.15.158.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.153.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.158.1-1_on_cbl_mariner_2.0 | — | — |