Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0939
Vulnerability from certfr_avis - Published: 2025-10-30 - Updated: 2025-10-30
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk AppDynamics Analytics Agent | Splunk AppDynamics Analytics Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk Operator for Kubernetes | Greffon Splunk Operator for Kubernetes versions 3.0.x antérieures à 3.0.0 | ||
| Splunk | Splunk AppDynamics Machine Agent | Splunk AppDynamics Machine Agent versions 25.7.x antérieures à 25.7.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk AppDynamics Analytics Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Analytics Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Private Synthetic Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Greffon Splunk Operator for Kubernetes versions 3.0.x ant\u00e9rieures \u00e0 3.0.0",
"product": {
"name": "Splunk Operator for Kubernetes",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Machine Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Machine Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-45159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45159"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
}
],
"initial_release_date": "2025-10-30T00:00:00",
"last_revision_date": "2025-10-30T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0939",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1009",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1009"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1011",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1011"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1010",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1010"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1008",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1008"
}
]
}
CVE-2024-45159 (GCVE-0-2024-45159)
Vulnerability from cvelistv5 – Published: 2024-09-05 00:00 – Updated: 2025-03-13 19:47
VLAI
EPSS
Summary
An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert).
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T18:17:13.696247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T19:47:36.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T18:41:15.487Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"
},
{
"url": "https://github.com/Mbed-TLS/mbedtls/releases/"
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-3/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45159",
"datePublished": "2024-09-05T00:00:00.000Z",
"dateReserved": "2024-08-22T00:00:00.000Z",
"dateUpdated": "2025-03-13T19:47:36.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45336 (GCVE-0-2024-45336)
Vulnerability from cvelistv5 – Published: 2025-01-28 01:03 – Updated: 2025-09-18 18:41
VLAI
EPSS
Title
Sensitive headers incorrectly sent after cross-domain redirect in net/http
Summary
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
Severity
6.1 (Medium)
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/http |
Affected:
0 , < 1.22.11
(semver)
Affected: 1.23.0-0 , < 1.23.5 (semver) Affected: 1.24.0-0 , < 1.24.0-rc.2 (semver) |
Credits
Kyle Seely
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:56:59.058895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:16:38.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-21T18:03:31.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250221-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "Client.do"
},
{
"name": "Client.makeHeadersCopier"
},
{
"name": "shouldCopyHeaderOnRedirect"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "Get"
},
{
"name": "Head"
},
{
"name": "Post"
},
{
"name": "PostForm"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.5",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
},
{
"lessThan": "1.24.0-rc.2",
"status": "affected",
"version": "1.24.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kyle Seely"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T18:41:11.116Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/643100"
},
{
"url": "https://go.dev/issue/70530"
},
{
"url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ"
},
{
"url": "https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3420"
}
],
"title": "Sensitive headers incorrectly sent after cross-domain redirect in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-45336",
"datePublished": "2025-01-28T01:03:24.869Z",
"dateReserved": "2024-08-27T19:41:58.555Z",
"dateUpdated": "2025-09-18T18:41:11.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45341 (GCVE-0-2024-45341)
Vulnerability from cvelistv5 – Published: 2025-01-28 01:03 – Updated: 2025-02-21 18:03
VLAI
EPSS
Title
Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
Summary
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
Severity
6.1 (Medium)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.22.11
(semver)
Affected: 1.23.0-0 , < 1.23.5 (semver) Affected: 1.24.0-0 , < 1.24.0-rc.2 (semver) |
Credits
Juho Forsén of Mattermost
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:57:00.467281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:16:58.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-21T18:03:33.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250221-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "matchURIConstraint"
},
{
"name": "CertPool.AppendCertsFromPEM"
},
{
"name": "Certificate.CheckCRLSignature"
},
{
"name": "Certificate.CheckSignature"
},
{
"name": "Certificate.CheckSignatureFrom"
},
{
"name": "Certificate.CreateCRL"
},
{
"name": "Certificate.Verify"
},
{
"name": "Certificate.VerifyHostname"
},
{
"name": "CertificateRequest.CheckSignature"
},
{
"name": "CreateCertificate"
},
{
"name": "CreateCertificateRequest"
},
{
"name": "CreateRevocationList"
},
{
"name": "DecryptPEMBlock"
},
{
"name": "EncryptPEMBlock"
},
{
"name": "HostnameError.Error"
},
{
"name": "MarshalECPrivateKey"
},
{
"name": "MarshalPKCS1PrivateKey"
},
{
"name": "MarshalPKCS1PublicKey"
},
{
"name": "MarshalPKCS8PrivateKey"
},
{
"name": "MarshalPKIXPublicKey"
},
{
"name": "ParseCRL"
},
{
"name": "ParseCertificate"
},
{
"name": "ParseCertificateRequest"
},
{
"name": "ParseCertificates"
},
{
"name": "ParseDERCRL"
},
{
"name": "ParseECPrivateKey"
},
{
"name": "ParsePKCS1PrivateKey"
},
{
"name": "ParsePKCS1PublicKey"
},
{
"name": "ParsePKCS8PrivateKey"
},
{
"name": "ParsePKIXPublicKey"
},
{
"name": "ParseRevocationList"
},
{
"name": "RevocationList.CheckSignatureFrom"
},
{
"name": "SetFallbackRoots"
},
{
"name": "SystemCertPool"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.5",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
},
{
"lessThan": "1.24.0-rc.2",
"status": "affected",
"version": "1.24.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Juho Fors\u00e9n of Mattermost"
}
],
"descriptions": [
{
"lang": "en",
"value": "A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-295: Improper Certificate Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:14:21.421Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/643099"
},
{
"url": "https://go.dev/issue/71156"
},
{
"url": "https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ"
},
{
"url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3373"
}
],
"title": "Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-45341",
"datePublished": "2025-01-28T01:03:24.353Z",
"dateReserved": "2024-08-27T19:41:58.556Z",
"dateUpdated": "2025-02-21T18:03:33.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52533 (GCVE-0-2024-52533)
Vulnerability from cvelistv5 – Published: 2024-11-11 00:00 – Updated: 2024-12-06 13:09
VLAI
EPSS
Summary
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "glib",
"vendor": "gnome",
"versions": [
{
"lessThan": "2.82.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-52533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T15:46:58.614686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T15:49:33.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-06T13:09:32.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/12/11"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241206-0009/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\0\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-11T22:57:28.795Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"
},
{
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461"
},
{
"url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-52533",
"datePublished": "2024-11-11T00:00:00.000Z",
"dateReserved": "2024-11-11T00:00:00.000Z",
"dateUpdated": "2024-12-06T13:09:32.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6763 (GCVE-0-2024-6763)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:06 – Updated: 2025-03-07 00:10
VLAI
EPSS
Title
Jetty URI parsing of invalid authority
Summary
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.
The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI
differs from the common browsers in how it handles a URI that would be
considered invalid if fully validated against the RRC. Specifically HttpURI
and the browser may differ on the value of the host extracted from an
invalid URI and thus a combination of Jetty and a vulnerable browser may
be vulnerable to a open redirect attack or to a SSRF attack if the URI
is used after passing validation checks.
Severity
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
7.0.0 , ≤ 12.0.11
(semver)
|
Date Public
2024-10-14 15:00
Credits
https://github.com/zer0yu
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "jetty",
"vendor": "eclipse",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6763",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:44:14.448650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:45:35.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-07T00:10:46.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-http"
],
"packageName": "org.eclipse.jetty:jetty-http",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/zer0yu"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, \u003ccode\u003eHttpURI\u003c/code\u003e, for URI/URL parsing.\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003eHttpURI\u003c/code\u003e class does insufficient validation on the authority segment of a URI. However the behaviour of \u003ccode\u003eHttpURI\u003c/code\u003e\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically \u003ccode\u003eHttpURI\u003c/code\u003e\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks.\u003c/p\u003e"
}
],
"value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:38.815Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
},
{
"url": "https://github.com/jetty/jetty.project/pull/12012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty URI parsing of invalid authority",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe attacks outlined above rely on decoded user data being passed to the \u003ccode\u003eHttpURI\u003c/code\u003e class. Application should not pass decoded user data as an encoded URI to any URI class/method, including \u003ccode\u003eHttpURI\u003c/code\u003e. Such applications are likely to be vulnerable in other ways.\u003cbr\u003e\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4\"\u003eRFC9110 Section 4.2.4\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser).\u003c/p\u003e"
}
],
"value": "The attacks outlined above rely on decoded user data being passed to the HttpURI class. Application should not pass decoded user data as an encoded URI to any URI class/method, including HttpURI. Such applications are likely to be vulnerable in other ways.\n\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per RFC9110 Section 4.2.4 https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4 .\n\n\nNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser)."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-6763",
"datePublished": "2024-10-14T15:06:07.298Z",
"dateReserved": "2024-07-15T17:37:53.605Z",
"dateUpdated": "2025-03-07T00:10:46.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22866 (GCVE-0-2025-22866)
Vulnerability from cvelistv5 – Published: 2025-02-06 16:54 – Updated: 2025-02-21 18:03
VLAI
EPSS
Title
Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
Summary
Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.
Severity
4 (Medium)
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/internal/nistec |
Affected:
0 , < 1.22.12
(semver)
Affected: 1.23.0-0 , < 1.23.6 (semver) Affected: 1.24.0-0 , < 1.24.0-rc.3 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22866",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T20:40:17.232803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T14:47:25.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-21T18:03:36.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250221-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/internal/nistec",
"product": "crypto/internal/nistec",
"programRoutines": [
{
"name": "p256NegCond"
},
{
"name": "P256Point.ScalarBaseMult"
},
{
"name": "P256Point.ScalarMult"
},
{
"name": "P256Point.SetBytes"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.12",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.6",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
},
{
"lessThan": "1.24.0-rc.3",
"status": "affected",
"version": "1.24.0-0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T16:54:10.252Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/643735"
},
{
"url": "https://go.dev/issue/71383"
},
{
"url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3447"
}
],
"title": "Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22866",
"datePublished": "2025-02-06T16:54:10.252Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-02-21T18:03:36.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22868 (GCVE-0-2025-22868)
Vulnerability from cvelistv5 – Published: 2025-02-26 03:07 – Updated: 2025-02-26 14:46
VLAI
EPSS
Title
Unexpected memory consumption during token parsing in golang.org/x/oauth2
Summary
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
Severity
7.5 (High)
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/oauth2 | golang.org/x/oauth2/jws |
Affected:
0 , < 0.27.0
(semver)
|
Credits
jub0bs
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:45:27.246610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T14:46:20.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/oauth2/jws",
"product": "golang.org/x/oauth2/jws",
"programRoutines": [
{
"name": "Verify"
}
],
"vendor": "golang.org/x/oauth2",
"versions": [
{
"lessThan": "0.27.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "jub0bs"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T03:07:49.012Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/652155"
},
{
"url": "https://go.dev/issue/71490"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"title": "Unexpected memory consumption during token parsing in golang.org/x/oauth2"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22868",
"datePublished": "2025-02-26T03:07:49.012Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-02-26T14:46:20.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22871 (GCVE-0-2025-22871)
Vulnerability from cvelistv5 – Published: 2025-04-08 20:04 – Updated: 2026-05-12 12:04
VLAI
EPSS
Title
Request smuggling due to acceptance of invalid chunked data in net/http
Summary
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Severity
9.1 (Critical)
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/http/internal |
Affected:
0 , < 1.23.8
(semver)
Affected: 1.24.0-0 , < 1.24.2 (semver) |
Credits
Jeppe Bonde Weikop
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-04-08T21:03:21.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/04/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22871",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T14:57:03.151639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T14:57:31.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SENTRON 7KT PAC1261 Data Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:04:11.015Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-783943.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http/internal",
"product": "net/http/internal",
"programRoutines": [
{
"name": "readChunkLine"
},
{
"name": "chunkedReader.Read"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.23.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.24.2",
"status": "affected",
"version": "1.24.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jeppe Bonde Weikop"
}
],
"descriptions": [
{
"lang": "en",
"value": "The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T20:04:34.769Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/652998"
},
{
"url": "https://go.dev/issue/71988"
},
{
"url": "https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3563"
}
],
"title": "Request smuggling due to acceptance of invalid chunked data in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22871",
"datePublished": "2025-04-08T20:04:34.769Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2026-05-12T12:04:11.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-22872 (GCVE-0-2025-22872)
Vulnerability from cvelistv5 – Published: 2025-04-16 17:13 – Updated: 2025-05-16 23:03
VLAI
EPSS
Title
Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
Summary
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
Severity
6.5 (Medium)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.38.0
(semver)
|
Credits
Sean Ng (https://ensy.zip)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T20:14:29.607584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T20:15:13.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-16T23:03:07.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250516-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "Tokenizer.readStartTag"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
},
{
"name": "Tokenizer.Next"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.38.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sean Ng (https://ensy.zip)"
}
],
"descriptions": [
{
"lang": "en",
"value": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:13:02.550Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/662715"
},
{
"url": "https://go.dev/issue/73070"
},
{
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
}
],
"title": "Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22872",
"datePublished": "2025-04-16T17:13:02.550Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-05-16T23:03:07.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3360 (GCVE-0-2025-3360)
Vulnerability from cvelistv5 – Published: 2025-04-07 12:53 – Updated: 2025-11-21 07:16
VLAI
EPSS
Title
Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().
Summary
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
Severity
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2025-3360 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2357754 | issue-trackingx_refsource_REDHAT |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 2.82.5
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2025-04-07 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T13:23:42.465415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T18:29:26.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-14T12:04:48.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.gnome.org/GNOME/glib",
"defaultStatus": "unaffected",
"packageName": "glib",
"versions": [
{
"lessThan": "2.82.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "bootc",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "glib2",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "glycin-loaders",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "loupe",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "mingw-glib2",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "glib2",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "glib2",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "glib2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "librsvg2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "mingw-glib2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "bootc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "glib2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "librsvg2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "mingw-glib2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2025-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T07:16:40.998Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-3360"
},
{
"name": "RHBZ#2357754",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357754"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-07T01:36:36.703Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-04-07T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().",
"workarounds": [
{
"lang": "en",
"value": "Currently, no mitigation is available for this vulnerability."
}
],
"x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-3360",
"datePublished": "2025-04-07T12:53:55.924Z",
"dateReserved": "2025-04-07T01:50:45.607Z",
"dateUpdated": "2025-11-21T07:16:40.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…