CNNVD-202507-2895 Information

CNNVD ID

CNNVD-202507-2895

Related CVE

CVE-2025-36520

• CNNVD Published: 2025-07-22

Description (Chinese)

Bloomberg Comdb2是Bloomberg开源的一款分布式关系数据库管理系统。 Bloomberg Comdb2 8.1版本存在代码问题漏洞，该漏洞源于net_connectmsg协议缓冲区消息功能中存在空指针取消引用，可能导致拒绝服务。

Description (English)

Bloomberg Comdb2 is a distributed relationship database management system for Bloomberg ’ s open source. Version 8.1 of Bloomberg Comdb has a code problem loophole, which stems from the absence of an empty pointer in the net conectmsg buffer message function, which may lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Bloomberg

Published

2025-07-22

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2197 https://access.redhat.com/security/cve/cve-2025-36520 https://nvd.nist.gov/vuln/detail/CVE-2025-36520

Patch

https://github.com/bloomberg/comdb2/tags