CVE-2025-33131 MEDIUM

CVE-2025-33131: Fixes to common vulnerabilities found in IBM Db2 High Performance Unload

Vendor Ibm
Product DB2 High Performance Unload
Weakness CWE-120
Published October 27, 2025
Last update October 28, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack.

Key dates

02Disclosure timeline

October 27, 2025 CVE published
October 28, 2025 Record updated