CVE-2025-1992

Published May 5, 2025

Last updated 23 days ago

CVSS medium 5.3

Overview

Description: IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user, under non default configurations, to cause a denial of service due to insufficient release of allocated memory after usage.
Source: psirt@us.ibm.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 3.6
Exploitability score: 1.6
Vector string: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

psirt@us.ibm.com: CWE-401

Hype score: Not currently trending

CVE-2025-1992 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user, under non default c… https://t.co/uJNbzUSrfD
@CVEnew
5 May 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

Sources include official advisories and independent security research.