Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-2900

Опубликовано: 14 мая 2025
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:semeru_runtime:*:*:*:*:*:*:*:*
Версия от 8.0.302.0 (включая) до 8.0.442.0 (включая)
cpe:2.3:a:ibm:semeru_runtime:*:*:*:*:*:*:*:*
Версия от 11.0.12.0 (включая) до 11.026.0 (включая)
cpe:2.3:a:ibm:semeru_runtime:*:*:*:*:*:*:*:*
Версия от 17.0.0.0 (включая) до 17.0.14.0 (включая)
cpe:2.3:a:ibm:semeru_runtime:*:*:*:*:*:*:*:*
Версия от 21.0.0.0 (включая) до 21.0.6.0 (включая)

EPSS

Процентиль: 19%
0.00061
Низкий

7.5 High

CVSS3

Дефекты

CWE-122
CWE-787

Связанные уязвимости

redhat логотип

CVE-2025-2900

CVSS3: 7.5
redhat
4 месяца назад

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.

github логотип

GHSA-6pp6-5h3q-mgg3

CVSS3: 7.5
github
4 месяца назад

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.

EPSS

Процентиль: 19%
0.00061
Низкий

7.5 High

CVSS3

Дефекты

CWE-122
CWE-787