CNNVD-202601-5025 Information
CNNVD ID
CNNVD-202601-5025
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 11.5.0版本至11.5.9版本和12.1.0版本至12.1.3版本存在安全漏洞,该漏洞源于服务器在处理包含XML列的特制查询时可能崩溃,可能导致拒绝服务攻击。
Description (English)
IBM Db2 is a relationship database management system for the United States International Business Machinery (IBM). The implementation environment for the system is mainly UNIX, Linux, IBMi, z/OS and Windows server versions. There is a security loophole between IBM Db2 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3, which stems from the potential for server failure when handling customized queries containing XML columns, which may lead to denial of service attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2026-01-30
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257698 https://access.redhat.com/security/cve/cve-2025-36442
Patch
https://www.ibm.com/support/pages/node/7257698
Share on: