IBM Db2 Denial of Service_CVE-2025-36442

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Description

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.

Basic Information

ID CVE-2025-36442

Source ibm

Published Jan 30, 2026 at 21:18

Modified Jan 30, 2026 at 21:37

Affected Product

Vendor IBM

Product Db2 for Linux, UNIX and Windows

Version 11.5.0

Affected Versions IBM Db2 for Linux, UNIX and Windows 11.5.0
IBM Db2 for Linux, UNIX and Windows 12.1.0

CWE Classification

CWE-943

References

www.ibm.com /support/pages/node/7257698

{
    "lastseen": "",
    "description": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.",
    "published": "2026-01-30T21:18:24.037Z",
    "modified": "2026-01-30T21:37:16.173Z",
    "type": "cve",
    "title": "IBM Db2 Denial of Service",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7257698",
    "id": "CVE-2025-36442",
    "bulletinFamily": "",
    "cwe": [
        "CWE-943"
    ],
    "cvelist": null,
    "sourceData": "IBM Db2 for Linux, UNIX and Windows 11.5.0\nIBM Db2 for Linux, UNIX and Windows 12.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Db2 for Linux, UNIX and Windows",
    "version": "11.5.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}