CVE-2024-47118
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-07
Last updated on: 2025-11-19
Assigner: IBM Corporation
Description
Description
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | db2 | From 10.5.0.0 (inc) to 10.5.0.11 (inc) |
| ibm | db2 | From 10.5.0.0 (inc) to 10.5.0.11 (inc) |
| ibm | db2 | From 10.5.0.0 (inc) to 10.5.0.11 (inc) |
| ibm | db2 | From 11.1.0 (inc) to 11.1.4.7 (inc) |
| ibm | db2 | From 11.1.0 (inc) to 11.1.4.7 (inc) |
| ibm | db2 | From 11.1.0 (inc) to 11.1.4.7 (inc) |
| ibm | db2 | From 11.5.0 (inc) to 11.5.9 (inc) |
| ibm | db2 | From 11.5.0 (inc) to 11.5.9 (inc) |
| ibm | db2 | From 11.5.0 (inc) to 11.5.9 (inc) |
| ibm | db2 | From 12.1.0 (inc) to 12.1.3 (inc) |
| ibm | db2 | From 12.1.0 (inc) to 12.1.3 (inc) |
| ibm | db2 | From 12.1.0 (inc) to 12.1.3 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
