MQ

View Only

CVE-2025-36128

Peter Roemer posted Fri November 14, 2025 05:24 AM

Is, or will, "CVE-2025-36128; IBM MQ: Slowloris attack which is a type of denial-of-service (DoS)" be included in an IBM MQ Fixpack for version 9.3 LTS ?

Norbert Pfister posted Mon November 24, 2025 11:19 AM

Page Security Bulletin: IBM MQ is vulnerable to Slowloris attack which is a type of denial-of-service (DoS) (CVE-2025-36128) shows all affected (active) versions,
so the answer is yes .

But it is not visible what Fixpack it will be.

bruce2359 posted Tue November 25, 2025 09:29 AM

https://www.ibm.com/support/pages/security-bulletin-ibm-mq-vulnerable-slowloris-attack-which-type-denial-service-dos-cve-2025-36128

Additional
Resources

Discover these carefully selected resources to dive deeper into your journey and unlock fresh insights

Office

If you need immediate assistance please contact the Community Management team

support@communitysite.ibm.com

Monday - Friday: 8AM - 5 PM MT

Powered by Higher Logic

MQ

CVE-2025-36128

Related Content

IBM MQ Appliance 9.3.0.1 firmware is available (M2002 and M2003)

IBM MQ 9.3 Long Term Support is available

IBM MQ, IBM MQ for z/OS and IBM MQ Appliance firmware 9.3.1 Continuous Delivery releases are available

IBM MQ 9.4 Long Term Support is available

IBM MQ, IBM MQ for z/OS and IBM MQ Appliance firmware 9.3.5 Continuous Delivery releases are available

Additional Resources

Office

Quick Links

Additional
Resources