CVE-2025-36001
EUVD-2025-20655130.01.2026, 22:15
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.3 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.3 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration