IBM Product Security Update Advisory (CVE-2025-36097)

Overview

We have released a security update to fix vulnerabilities in IBM products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-36097

IBM WebSphere Application Server Liberty: versions 17.0.0.3 through 25.0.0.7
IBM WebSphere Application Server: versions 9.0.0.0 through 9.0.5.24

Resolved Vulnerabilities

Denial-of-service vulnerability caused by a stack-based overflow in IBM WebSphere Application Server and WebSphere Application Server Liberty (CVE-2025-36097)

Vulnerability Patches

Patches for the vulnerability are available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

CVE-2025-36097

IBM WebSphere Application Server Liberty: version 25.0.0.8 or later, or with PH67183 [2]
IBM WebSphere Application Server: version 9.0.5.25 or later, or with PH67120 [3]

References

[1] Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service (CVE-2025-36097)
https://www.ibm.com/support/pages/node/7239856
[2] PH67183: IBM WebSphere Liberty is affected by a denial of service (CVE-2025-36097 CVSS 7.5)
https://www.ibm.com/support/pages/node/7239621
[3] PH67120: IBM WebSphere Application Server is affected by a denial of service (CVE-2025-36097 CVSS 7.5)
https://www.ibm.com/support/pages/node/7239821