Vulnerability Details CVE-2025-2900
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.5%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-2900
-
cpe:2.3:a:ibm:semeru_runtime:11.0.12.0
-
cpe:2.3:a:ibm:semeru_runtime:11.0.21.0
-
cpe:2.3:a:ibm:semeru_runtime:11.0.22.0
-
cpe:2.3:a:ibm:semeru_runtime:17.0.1.0
-
cpe:2.3:a:ibm:semeru_runtime:17.0.10.0
-
cpe:2.3:a:ibm:semeru_runtime:17.0.9.0
-
cpe:2.3:a:ibm:semeru_runtime:21.0.1.0
-
cpe:2.3:a:ibm:semeru_runtime:8.0.302.0
-
cpe:2.3:a:ibm:semeru_runtime:8.0.392.0
-
cpe:2.3:a:ibm:semeru_runtime:8.0.402.0