What is GHSA-qpmr-4jcx-mc6p?

GHSA-qpmr-4jcx-mc6p is a security advisory published by GitHub Security Advisories with Medium severity. IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data...

Which CVE IDs does GHSA-qpmr-4jcx-mc6p cover?

GHSA-qpmr-4jcx-mc6p covers the following CVE IDs: CVE-2025-36220. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-qpmr-4jcx-mc6p?

GHSA-qpmr-4jcx-mc6p has a CVSS v3 base score of 4.3, published by GitHub Security Advisories.

GHSA-qpmr-4jcx-mc6pMediumCVSS 4.3

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2025-36220 →

📋 Description

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2025-36220
https://www.ibm.com/support/pages/node/7273923
https://github.com/advisories/GHSA-qpmr-4jcx-mc6p