CNNVD-202507-3093 Information
CNNVD ID
CNNVD-202507-3093
Related CVE
- CNNVD Published: 2025-07-24
Description (Chinese)
IBM MQ Operator等都是美国国际商业机器(IBM)公司的一种用于管理 IBM MQ 队列管理器生命周期的工具。 IBM多款产品存在安全漏洞,该漏洞源于堆内存释放前未正确清除,可能导致敏感信息泄露。以下产品及版本受到影响:IBM MQ Operator LTS 2.0.0至2.0.29版本、MQ Operator CD 3.0.0、3.0.1、3.1.0至3.1.3、3.3.0、3.4.0、3.4.1、3.5.0、3.5.1、3.6.0和MQ Operator SC2 3.2.0至3.2.13版本。
Description (English)
IBM MQ Operator and others are a tool for the United States International Business Machine (IBM) to manage the life cycle of the IBM MQ queue manager. There is a safety loophole in IBM ’ s multiple products, which stems from the fact that the memory was not properly cleared prior to release and could lead to the disclosure of sensitive information. The following products and versions were affected: IBM MQ Operator LTS Versions 2.0.0 to 2.0.29, MQ Operator CD Versions 3.0.0, 3.01, 3.1.0 to 3.1.3, 3.3.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0 and MQ Operator SC2 2.0 to 3.2.13.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-07-24
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7240431 https://nvd.nist.gov/vuln/detail/CVE-2025-33013
Patch
https://www.ibm.com/support/pages/node/7240431
Share on: