Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-35152

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639.

Published

2024-08-14T18:15:12.030

Last Modified

2025-11-04T17:15:53.717

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-789
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	db2	11.5.8	Yes
Application	ibm	db2	11.5.8	Yes
Application	ibm	db2	11.5.8	Yes
Application	ibm	db2	11.5.9	Yes
Application	ibm	db2	11.5.9	Yes
Application	ibm	db2	11.5.9	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7165342 Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20240912-0003/ (af854a3a-2127-422b-91ae-364da2661108)