CNNVD-202507-2266 Information

Jul 16, 2025 cve

CNNVD ID

CNNVD-202507-2266

CVE-2025-36097

  • CNNVD Published: 2025-07-16

Description (Chinese)

IBM WebSphere Application Server(WAS)和IBM WebSphere Application Server Liberty都是美国国际商业机器(IBM)公司的产品。IBM WebSphere Application Server是一款应用服务器产品。该产品是JavaEE和Web服务应用程序的平台,也是IBMWebSphere软件平台的基础。IBM WebSphere Application Server Liberty是一款构建于Open Liberty项目之上的Java应用程序服务器。 IBM WebSphere Application Server 9.0版本和IBM WebSphere Application Server Liberty 17.0.0.3至25.0.0.7版本存在安全漏洞,该漏洞源于栈缓冲区溢出,可能导致拒绝服务攻击。

Description (English)

IBM WebSphere Application Server (WAS) and IBM WebSphere Application Server Lily are products of the United States International Business Machine (IBM). IBM WebSphere Application Server is an application server product. The product is the platform for JavaEE and Web service applications and the basis for the IBMWebSphere software platform. IBM WebSphere Application Server Liberty is a Java application server built on the Open Liberty project. The IBM WebSphere Application Server 9.0 and IBM WebSphere Application Service 17.0.0.3 to 25.0.0.7 have security loopholes, which originate from the spilling of the silo buffer zone and may lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

IBPhoenix

Published

2025-07-16

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7239856

Patch

https://www.ibm.com/support/pages/node/7239856

Share on: