June 23, 2025
Multiple IBM Products Vulnerabilities
June 3, 2025
Multiple Apple Products Vulnerabilities
June 3, 2025
Multiple IBM Products Vulnerabilities
June 3, 2025
Multiple Apple Products Vulnerabilities
June 3, 2025
Severity
Medium
Analysis Summary
CVE-2025-3050 CVSS:5.3
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service when using Q replication due to the improper allocation of CPU resources.
CVE-2025-2518 CVSS:5.3
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVE-2024-49350 CVSS:6.5
Windows (includes DB2 Connect Server) versions 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.1 is vulnerable to a denial of service vulnerability where the server may crash under certain conditions with a specially crafted query (IBM Security).
Impact
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-3050
CVE-2025-2518
CVE-2024-49350
Affected Vendors
- IBM
Affected Products
- IBM Db2 for Linux-UNIX and Windows (includes DB2 Connect Server) versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1
Remediation
Refer to the IBM Security Advisory for patch, upgrade, or suggested workaround information.