{"vulnerability": "CVE-2025-0704", "sightings": [{"uuid": "c48db123-c0fe-4cb5-a0e5-3a545c03f049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0704", "type": "seen", "source": "https://t.me/cvedetector/16337", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0704 - JoeyBling Bootplus QrCodeController w/h Resource Consumption Remote DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-0704 \nPublished : Jan. 24, 2025, 7:15 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument w/h leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T21:06:16.000000Z"}, {"uuid": "2f2bc6b0-53f4-43d4-9f0f-11b21b234c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0704", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3022", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0704\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument w/h leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.\n\ud83d\udccf Published: 2025-01-24T18:31:07.998Z\n\ud83d\udccf Modified: 2025-01-24T20:57:42.050Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.293232\n2. https://vuldb.com/?ctiid.293232\n3. https://vuldb.com/?submit.480843\n4. https://github.com/JoeyBling/bootplus/issues/26\n5. https://github.com/JoeyBling/bootplus/issues/26#issue-2786934642", "creation_timestamp": "2025-01-24T21:05:14.000000Z"}]}