{"vulnerability": "GHSA-389X-839F-4RHX", "sightings": [{"uuid": "44bd9a05-ba10-4c46-86cf-fccc09660286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981856193211167", "content": "", "creation_timestamp": "2025-02-10T22:05:01.214046Z"}, {"uuid": "a34f9f29-9124-4897-ba90-f4659b43616c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/678e0ba18d8f78e6a69974ba13c63b56", "content": "", "creation_timestamp": "2025-07-16T06:05:35.000000Z"}, {"uuid": "c5840556-f929-42ff-896f-8439f0129bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/4f0365a5003239f65288d5f184de3512", "content": "", "creation_timestamp": "2025-07-16T12:02:49.000000Z"}, {"uuid": "180d7707-4afb-4450-a556-ee831ad33d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/9b1964e5d86640580eef7861e4f37f4c", "content": "", "creation_timestamp": "2025-07-16T12:26:35.000000Z"}, {"uuid": "8cff4806-df3d-4a23-8ab7-e5739ce50556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/f0ece275d2a5f01cdb6c494e4eda047c", "content": "", "creation_timestamp": "2025-07-16T14:08:37.000000Z"}, {"uuid": "bd8f8486-6290-4ff2-88f1-2ee040bdab35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/d143b158efbe93bddedc21cd35d69f96", "content": "", "creation_timestamp": "2025-07-16T05:05:11.000000Z"}, {"uuid": "e36d6141-f619-4cc2-8fd6-70988c558314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/03f7f0d5931f6af20b42248cd731633a", "content": "", "creation_timestamp": "2025-07-16T15:24:05.000000Z"}, {"uuid": "7a1896ca-25b1-4d48-b861-617a30d65663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/c3d37218b11c97a4e6892cc8227f2a75", "content": "", "creation_timestamp": "2025-07-16T15:25:48.000000Z"}, {"uuid": "03a26ed3-c55d-44bd-ba07-2ee6beca27f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/74e21949896b589baa948e9ed6f5748a", "content": "", "creation_timestamp": "2025-06-17T12:51:43.000000Z"}, {"uuid": "dc81276a-dacd-4fa4-bb9d-e2292ddfabd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/42c52b7475f1deb88e5e54007f9a06a5", "content": "", "creation_timestamp": "2025-07-16T09:05:51.000000Z"}, {"uuid": "93e41796-1e68-47ed-8a20-f8f09d1e855d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/854db19b37d85f8ecc0537be2939d6c9", "content": "", "creation_timestamp": "2025-07-16T22:54:47.000000Z"}, {"uuid": "bdffb032-bc6f-47f6-9167-d6100e0e35ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389X-839F-4RHX", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4939", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25193\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crash. A similar issue was previously reported as CVE-2024-47535. This issue was fixed, but the fix was incomplete in that null-bytes were not counted against the input limit. Commit d1fbda62d3a47835d3fb35db8bd42ecc205a5386 contains an updated fix.\n\ud83d\udccf Published: 2025-02-10T22:02:17.197Z\n\ud83d\udccf Modified: 2025-02-21T18:03:38.211Z\n\ud83d\udd17 References:\n1. https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx\n2. https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", "creation_timestamp": "2025-02-21T18:18:54.000000Z"}, {"uuid": "a4ec6641-f9bd-4874-855f-e0563564b004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/ac258bea45025717f0ed3e9461a069c2", "content": "", "creation_timestamp": "2025-07-16T05:32:18.000000Z"}, {"uuid": "06fd4366-996a-41dd-b3a7-8a9631fad7ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/f61224522155355958d6a621efd7cfe8", "content": "", "creation_timestamp": "2025-07-16T12:59:51.000000Z"}, {"uuid": "5641177c-2e32-4a9e-8cbc-754a7bdc17c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/2af29f281eeb8d7a86455b607f77d23e", "content": "", "creation_timestamp": "2025-07-16T08:01:57.000000Z"}, {"uuid": "09b8971a-9133-4ff9-a500-67d6da502d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/558d37f41c5ff4ac289f774151dbeb8e", "content": "", "creation_timestamp": "2025-07-16T08:27:57.000000Z"}, {"uuid": "6b8244e0-92bd-4fd8-88a7-aad08771b86d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/377e11baa0869e0b381b07a3d7ed6e90", "content": "", "creation_timestamp": "2025-07-16T10:34:44.000000Z"}, {"uuid": "eee7e2f0-81b0-4f46-854b-15d3986d2078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/24c020ed9d2c5206c5029cfb25825bf0", "content": "", "creation_timestamp": "2025-07-16T10:38:12.000000Z"}, {"uuid": "4b64a5b0-9c07-4df5-8b2e-3ef02568c5bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/a0f60a8d5fe224be81cffcc8c0397e50", "content": "", "creation_timestamp": "2025-07-16T04:44:08.000000Z"}, {"uuid": "04958f51-81a3-4675-af49-2da57c5d0aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389x-839f-4rhx", "type": "seen", "source": "https://gist.github.com/safer-bot/2d598c0e56d4c08d8d3ab8b2c3ce83f3", "content": "", "creation_timestamp": "2025-07-16T09:30:30.000000Z"}, {"uuid": "1c11ce6e-853d-4a60-a636-6887ba2f1bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-389X-839F-4RHX", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4455", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25193\n\ud83d\udd25 CVSS Score: 5.4 (CVSS_V3)\n\ud83d\udd39 Description: ### Summary\nAn unsafe reading of environment file could potentially cause a denial of service in Netty.\nWhen loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash.\n\n### Details\nA similar issue was previously reported in https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\nThis issue was fixed, but the fix was incomplete in that null-bytes were not counted against the input limit.\n\n\n### PoC\nThe PoC is the same as for https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv with the detail that the file should only contain null-bytes; 0x00.\nWhen the null-bytes are encountered by the `InputStreamReader`, it will issue replacement characters in its charset decoding, which will fill up the line-buffer in the `BufferedReader.readLine()`, because the replacement character is not a line-break character.\n\n### Impact\nImpact is the same as https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\n\ud83d\udccf Published: 2025-02-10T18:14:47Z\n\ud83d\udccf Modified: 2025-02-14T15:02:31Z\n\ud83d\udd17 References:\n1. https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx\n2. https://nvd.nist.gov/vuln/detail/CVE-2025-25193\n3. https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\n4. https://github.com/netty/netty", "creation_timestamp": "2025-02-14T15:15:16.000000Z"}]}