CNNVD-202507-2897 Information

CNNVD ID

CNNVD-202507-2897

Related CVE

CVE-2025-48498

• CNNVD Published: 2025-07-22

Description (Chinese)

Bloomberg Comdb2是Bloomberg开源的一款分布式关系数据库管理系统。 Bloomberg Comdb2 8.1版本存在代码问题漏洞，该漏洞源于分布式事务组件在处理协调字段时存在空指针取消引用，可能导致拒绝服务。

Description (English)

Bloomberg Comdb2 is a distributed relationship database management system for Bloomberg ’ s open source. There is a code problem loophole in version 8.1 of Bloomberg Comdb, which stems from the fact that the distributed service component has an empty pointer to cancel references when it handles the coordination field, which may lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Bloomberg

Published

2025-07-22

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2199 https://access.redhat.com/security/cve/cve-2025-48498 https://nvd.nist.gov/vuln/detail/CVE-2025-48498

Patch

https://github.com/bloomberg/comdb2/tags