CWE-248
Uncaught Exception
An exception is thrown from a function, but it is not caught.
CVE-2025-35436 (GCVE-0-2025-35436)
Vulnerability from cvelistv5 – Published: 2025-09-17 16:53 – Updated: 2025-09-30 16:36
Title
CISA Thorium account verification email error handling
Summary
CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27.
Severity
5.3 (Medium)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
Impacted products
Date Public
2025-09-03 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T16:36:04.975336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T16:36:16.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Thorium",
"vendor": "CISA",
"versions": [
{
"lessThan": "6a65a27",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6a65a27"
}
]
}
],
"credits": [
{
"lang": "en",
"value": ", OpenAI Security Research"
}
],
"datePublic": "2025-09-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CISA Thorium uses \u0027.unwrap()\u0027 to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
},
{
"other": {
"content": {
"id": "CVE-2025-35436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T15:28:30.805878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T16:53:47.289Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://github.com/mjcarson/thorium/commit/6a65a2711fb2387e8c3eacebc774053741bf5aeb"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35436"
},
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-259-01.json"
}
],
"title": "CISA Thorium account verification email error handling"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-35436",
"datePublished": "2025-09-17T16:53:47.289Z",
"dateReserved": "2025-04-15T20:57:14.281Z",
"dateUpdated": "2025-09-30T16:36:16.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36539 (GCVE-0-2025-36539)
Vulnerability from cvelistv5 – Published: 2025-06-12 19:56 – Updated: 2025-06-12 20:04
Title
AVEVA PI Data Archive Uncaught Exception
Summary
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service.
Severity
CWE
Assigner
References
Impacted products
4 products
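| Vendor | Product | Version |
|---|---|---|
| AVEVA | PI Data Archive | Affected: 2023, ≤ 2018 SP3 Patch 4 (custom) |
| AVEVA | PI Data Archive | Affected: 2023 Patch 1 |
| AVEVA | PI Server | Affected: 2023, ≤ 2018 SP3 Patch 6 (custom) |
| AVEVA | PI Server | Affected: 2023 Patch 1, ≤ 2018 SP3 Patch 6 (custom) |

Note: the "(custom)" ranges are shown as published in the record, with start versions in the 2023 line and upper bounds in the 2018 SP3 line, so confirm the exact affected versions against the vendor advisory (the record's stated fix is upgrading to PI Server 2024 or higher).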
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36539",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T20:04:09.170573Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T20:04:23.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PI Data Archive",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2018 SP3 Patch 4",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Data Archive",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Server",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2018 SP3 Patch 6",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Server",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2018 SP3 Patch 6",
"status": "affected",
"version": "2023 Patch 1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "AVEVA reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AVEVA PI Data Archive products \nare vulnerable to an uncaught exception that, if exploited, could allow \nan authenticated user to shut down certain necessary PI Data Archive \nsubsystems, resulting in a denial of service."
}
],
"value": "AVEVA PI Data Archive products \nare vulnerable to an uncaught exception that, if exploited, could allow \nan authenticated user to shut down certain necessary PI Data Archive \nsubsystems, resulting in a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:56:33.320Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-07"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll affected versions of PI Data \nArchive and PI Server can be fixed by upgrading to PI Server 2024 or \nhigher. From \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://my.osisoft.com/\"\u003eOSISoft Customer Portal\u003c/a\u003e, search for \"AVEVA PI Server\" and select version 2024 or higher.\u003c/p\u003e\u003cp\u003eFor additional information please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2025-001\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\n\nAll affected versions of PI Data \nArchive and PI Server can be fixed by upgrading to PI Server 2024 or \nhigher. From OSISoft Customer Portal https://my.osisoft.com/ , search for \"AVEVA PI Server\" and select version 2024 or higher.\n\nFor additional information please refer to AVEVA-2025-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
}
],
"source": {
"advisory": "ICSA-25-162-07",
"discovery": "INTERNAL"
},
"title": "AVEVA PI Data Archive Uncaught Exception",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAVEVA further recommends users follow general defensive measures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor liveness of PI Network Manager and PI Archive Subsystem services.\u003c/li\u003e\n\u003cli\u003eSet the PI Network Manager and PI Archive Subsystem services to automatically restart.\u003c/li\u003e\n\u003cli\u003eLimit Port 5450 access to trusted workstations and software.\u003c/li\u003e\n\u003cli\u003eFor a list of PI System firewall port requirements, see knowledge base article \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162\"\u003eKB01162 - Firewall Port Requirements\u003c/a\u003e.\u003c/li\u003e\u003c/ul\u003e\u003cli\u003eImpact and severity of vulnerabilities can be reduced through \nindustry accepted IT practices. Please consult your IT engineer for \nadvice on how to best implement these firewall restrictions in your \norganization\u0027s architecture. 
OSIsoft technical support provides guidance\n on architectural approaches, backup procedures, network defenses, and \noperating system configuration.\u003c/li\u003e\u003cli\u003eFor a starting point on PI System security best practices, see knowledge base article \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB00833\"\u003eKB00833 - Seven best practices for securing your PI Server\u003c/a\u003e.\u003c/li\u003e\u003cp\u003eFor additional information please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2025-001\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\n\nAVEVA further recommends users follow general defensive measures:\n\n\n\n * Monitor liveness of PI Network Manager and PI Archive Subsystem services.\n\n * Set the PI Network Manager and PI Archive Subsystem services to automatically restart.\n\n * Limit Port 5450 access to trusted workstations and software.\n\n * For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements https://customers.osisoft.com/s/knowledgearticle .\n\n\n * Impact and severity of vulnerabilities can be reduced through \nindustry accepted IT practices. Please consult your IT engineer for \nadvice on how to best implement these firewall restrictions in your \norganization\u0027s architecture. OSIsoft technical support provides guidance\n on architectural approaches, backup procedures, network defenses, and \noperating system configuration.\n * For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server https://customers.osisoft.com/s/knowledgearticle .\nFor additional information please refer to AVEVA-2025-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-36539",
"datePublished": "2025-06-12T19:56:33.320Z",
"dateReserved": "2025-04-21T19:39:54.984Z",
"dateUpdated": "2025-06-12T20:04:23.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3891 (GCVE-0-2025-3891)
Vulnerability from cvelistv5 – Published: 2025-04-29 11:56 – Updated: 2025-11-11 12:09
Title
mod_auth_openidc: DoS via empty POST in mod_auth_openidc with OIDCPreservePost enabled
Summary
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.
Severity
7.5 (High)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
13 references
Impacted products
15 products
| Vendor | Product | Version |
|---|---|---|
| | mod_auth_openidc (package) | Affected: 2.0.0, < 2.4.13.1 (semver) |
| Red Hat | Red Hat Enterprise Linux 8 | Unaffected: 8100020250426100353.489197e6, < * (rpm); cpe:/a:redhat:enterprise_linux:8::appstream |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | Unaffected: 8020020250612174445.4cda2c84, < * (rpm); cpe:/a:redhat:rhel_aus:8.2::appstream |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | Unaffected: 8040020250618101351.522a0ee4, < * (rpm); cpe:/a:redhat:rhel_aus:8.4::appstream |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | Unaffected: 8060020250617090503.ad008a3a, < * (rpm); cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | Unaffected: 8060020250617090503.ad008a3a, < * (rpm); cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | Unaffected: 8060020250617090503.ad008a3a, < * (rpm); cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | Unaffected: 8080020250617090716.63b34585, < * (rpm); cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | Unaffected: 8080020250617090716.63b34585, < * (rpm); cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream |
| Red Hat | Red Hat Enterprise Linux 9 | Unaffected: 0:2.4.10-1.el9_6.2, < * (rpm); cpe:/a:redhat:enterprise_linux:9::appstream |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | Unaffected: 0:2.4.9.4-1.el9_0.3, < * (rpm); cpe:/a:redhat:rhel_e4s:9.0::appstream |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | Unaffected: 0:2.4.9.4-1.el9_2.3, < * (rpm); cpe:/a:redhat:rhel_e4s:9.2::appstream |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | Unaffected: 0:2.4.9.4-4.el9_4.2, < * (rpm); cpe:/a:redhat:rhel_eus:9.4::appstream |
| Red Hat | Red Hat Enterprise Linux 10 | Default status: affected (no version range listed); cpe:/o:redhat:enterprise_linux:10 |
| Red Hat | Red Hat Enterprise Linux 7 | Default status: unaffected (no version range listed); cpe:/o:redhat:enterprise_linux:7 |
Date Public
2025-04-29 11:37
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3891",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T13:28:13.900026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T13:28:56.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-08T11:02:57.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/OpenIDC/mod_auth_openidc",
"defaultStatus": "unaffected",
"packageName": "mod_auth_openidc",
"versions": [
{
"lessThan": "2.4.13.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020250426100353.489197e6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8020020250612174445.4cda2c84",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8040020250618101351.522a0ee4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250617090503.ad008a3a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250617090503.ad008a3a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250617090503.ad008a3a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020250617090716.63b34585",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc:2.3",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020250617090716.63b34585",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4.10-1.el9_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4.9.4-1.el9_0.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4.9.4-1.el9_2.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4.9.4-4.el9_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "mod_auth_openidc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2025-04-29T11:37:07.680Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T12:09:56.342Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:10002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10002"
},
{
"name": "RHSA-2025:10003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10003"
},
{
"name": "RHSA-2025:10004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10004"
},
{
"name": "RHSA-2025:10006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10006"
},
{
"name": "RHSA-2025:10007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10007"
},
{
"name": "RHSA-2025:10008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10008"
},
{
"name": "RHSA-2025:10010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10010"
},
{
"name": "RHSA-2025:4597",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:4597"
},
{
"name": "RHSA-2025:9396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:9396"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-3891"
},
{
"name": "RHBZ#2361633",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361633"
},
{
"url": "https://github.com/OpenIDC/mod_auth_openidc/commit/6a0b5f66c87184dfe0e4400f6bdd46a82dc0ec2b"
},
{
"url": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-x7cf-8wgv-5j86"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-22T11:16:32.159Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-04-29T11:37:07.680Z",
"value": "Made public."
}
],
"title": "Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled",
"x_redhatCweChain": "CWE-248: Uncaught Exception"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-3891",
"datePublished": "2025-04-29T11:56:50.808Z",
"dateReserved": "2025-04-23T06:53:53.124Z",
"dateUpdated": "2025-11-11T12:09:56.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43855 (GCVE-0-2025-43855)
Vulnerability from cvelistv5 – Published: 2025-04-24 13:58 – Updated: 2025-05-14 20:07
Title
tRPC 11 WebSocket DoS Vulnerability
Summary
tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions from 11.0.0 up to, but not including, 11.1.1, an unhandled error is thrown when validating invalid connectionParams, which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. Any tRPC 11 server with WebSocket enabled and a createContext method set is vulnerable. This issue has been patched in version 11.1.1.
Severity
CWE
- CWE-248 - Uncaught Exception
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/trpc/trpc/security/advisories/GHSA-pj3v-9cm8-gvj8 | x_refsource_CONFIRM |
| https://github.com/trpc/trpc/commit/9beb26c636d44852e0f407f3d7a82ad54df65b4d | x_refsource_MISC |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T14:14:25.436065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T14:17:26.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "trpc",
"vendor": "trpc",
"versions": [
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Luke Childs \u003cmail@lu.ke\u003e"
}
],
"descriptions": [
{
"lang": "en",
"value": "tRPC allows users to build \u0026 consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. Any tRPC 11 server with WebSocket enabled with a createContext method set is vulnerable. This issue has been patched in version 11.1.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T20:07:29.865Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/trpc/trpc/security/advisories/GHSA-pj3v-9cm8-gvj8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/trpc/trpc/security/advisories/GHSA-pj3v-9cm8-gvj8"
},
{
"name": "https://github.com/trpc/trpc/commit/9beb26c636d44852e0f407f3d7a82ad54df65b4d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/trpc/trpc/commit/9beb26c636d44852e0f407f3d7a82ad54df65b4d"
}
],
"source": {
"advisory": "GHSA-pj3v-9cm8-gvj8",
"discovery": "UNKNOWN"
},
"title": "tRPC 11 WebSocket DoS Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-43855",
"datePublished": "2025-04-24T13:58:30.536Z",
"dateReserved": "2025-04-17T20:07:08.555Z",
"dateUpdated": "2025-05-14T20:07:29.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-44019 (GCVE-0-2025-44019)
Vulnerability from cvelistv5 – Published: 2025-06-12 19:51 – Updated: 2025-06-12 20:06
Title
AVEVA PI Data Archive Uncaught Exception
Summary
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may be lost.
Severity
CWE
Assigner
References
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| AVEVA | PI Data Archive | Affected: 0 , ≤ 2018 SP3 Patch 4 (custom) | |
| AVEVA | PI Data Archive | Affected: 2023 | |
| AVEVA | PI Data Archive | Affected: 2023 Patch 1 | |
| AVEVA | PI Server | Affected: 0 , ≤ 2018 SP3 Patch 6 (custom) | |
| AVEVA | PI Server | Affected: 2023 | |
| AVEVA | PI Server | Affected: 2023 Patch 1 | |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-44019",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T20:06:34.741269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T20:06:50.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PI Data Archive",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2018 SP3 Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Data Archive",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Data Archive",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Server",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2018 SP3 Patch 6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Server",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PI Server",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023 Patch 1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "AVEVA reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if \nexploited, could allow an authenticated user to shut down certain \nnecessary PI Data Archive subsystems, resulting in a denial of service. \nDepending on the timing of the crash, data present in snapshots/write \ncache may be lost."
}
],
"value": "AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if \nexploited, could allow an authenticated user to shut down certain \nnecessary PI Data Archive subsystems, resulting in a denial of service. \nDepending on the timing of the crash, data present in snapshots/write \ncache may be lost."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:59:08.542Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-07"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"url": "https://my.osisoft.com/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll affected versions of PI Data \nArchive and PI Server can be fixed by upgrading to PI Server 2024 or \nhigher. From \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://my.osisoft.com/\"\u003eOSISoft Customer Portal\u003c/a\u003e, search for \"AVEVA PI Server\" and select version 2024 or higher.\u003c/p\u003e\u003cp\u003ePI Data Archive 2018 SP3 Patch 4 and all prior and \nPI Server 2018 SP3 Patch 6 and all prior can alternatively be fixed by \nupgrading to PI Server 2018 SP3 Patch 7 or higher. From \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://my.osisoft.com/\"\u003eOSISoft Customer Portal\u003c/a\u003e, search for \"AVEVA PI Server\" and select Version 2018 SP3 Patch 7 or higher.\u003c/p\u003e\u003cp\u003eFor additional information please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2025-001\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\n\nAll affected versions of PI Data \nArchive and PI Server can be fixed by upgrading to PI Server 2024 or \nhigher. From OSISoft Customer Portal https://my.osisoft.com/ , search for \"AVEVA PI Server\" and select version 2024 or higher.\n\nPI Data Archive 2018 SP3 Patch 4 and all prior and \nPI Server 2018 SP3 Patch 6 and all prior can alternatively be fixed by \nupgrading to PI Server 2018 SP3 Patch 7 or higher. From OSISoft Customer Portal https://my.osisoft.com/ , search for \"AVEVA PI Server\" and select Version 2018 SP3 Patch 7 or higher.\n\nFor additional information please refer to AVEVA-2025-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
}
],
"source": {
"advisory": "ICSA-25-162-07",
"discovery": "INTERNAL"
},
"title": "AVEVA PI Data Archive Uncaught Exception",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAVEVA further recommends users follow general defensive measures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor liveness of PI Network Manager and PI Archive Subsystem services.\u003c/li\u003e\n\u003cli\u003eSet the PI Network Manager and PI Archive Subsystem services to automatically restart.\u003c/li\u003e\n\u003cli\u003eLimit Port 5450 access to trusted workstations and software.\u003c/li\u003e\n\u003cli\u003eFor a list of PI System firewall port requirements, see knowledge base article \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162\"\u003eKB01162 - Firewall Port Requirements\u003c/a\u003e.\u003c/li\u003e\u003c/ul\u003e\u003cli\u003eImpact and severity of vulnerabilities can be reduced through \nindustry accepted IT practices. Please consult your IT engineer for \nadvice on how to best implement these firewall restrictions in your \norganization\u0027s architecture. 
OSIsoft technical support provides guidance\n on architectural approaches, backup procedures, network defenses, and \noperating system configuration.\u003c/li\u003e\n\u003cli\u003eFor a starting point on PI System security best practices, see knowledge base article \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB00833\"\u003eKB00833 - Seven best practices for securing your PI Server\u003c/a\u003e.\n\u003cp\u003e\u003c/p\u003e\u003cp\u003eFor additional information please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2025-001\u003c/a\u003e.\n\n\u003c/p\u003e\n\n\u003c/li\u003e\u003cli\u003e\u003cbr\u003e\u003c/li\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users with affected product versions should \napply security updates to mitigate the risk of exploit.\u00a0\n\nAVEVA further recommends users follow general defensive measures:\n\n\n\n * Monitor liveness of PI Network Manager and PI Archive Subsystem services.\n\n * Set the PI Network Manager and PI Archive Subsystem services to automatically restart.\n\n * Limit Port 5450 access to trusted workstations and software.\n\n * For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements https://customers.osisoft.com/s/knowledgearticle .\n\n\n * Impact and severity of vulnerabilities can be reduced through \nindustry accepted IT practices. Please consult your IT engineer for \nadvice on how to best implement these firewall restrictions in your \norganization\u0027s architecture. OSIsoft technical support provides guidance\n on architectural approaches, backup procedures, network defenses, and \noperating system configuration.\n\n * For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server https://customers.osisoft.com/s/knowledgearticle .\n\n\nFor additional information please refer to AVEVA-2025-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ .\n\n\n\n\n\n\n *"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-44019",
"datePublished": "2025-06-12T19:51:56.663Z",
"dateReserved": "2025-04-21T19:39:54.994Z",
"dateUpdated": "2025-06-12T20:06:50.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47281 (GCVE-0-2025-47281)
Vulnerability from cvelistv5 – Published: 2025-07-23 20:35 – Updated: 2025-07-23 20:49
Title
Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Summary
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service (DoS) vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the {{@}} variable combined with a pipe and an invalid JMESPath function (e.g., {{@ | non_existent_function }}). This leads to a nil value being substituted into the policy structure. Subsequent processing by internal functions, specifically getValueAsStringMap, which expect string values, results in a panic due to a type assertion failure (interface {} is nil, not string). This crashes Kyverno worker threads in the admission controller and causes continuous crashes of the reports controller pod. This is fixed in version 1.14.2.
Severity
7.7 (High)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/kyverno/kyverno/security/advis… | x_refsource_CONFIRM |
| https://github.com/kyverno/kyverno/commit/cbd7d4c… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47281",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T20:49:21.262159Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T20:49:31.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-r5p3-955p-5ggq"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "kyverno",
"vendor": "kyverno",
"versions": [
{
"status": "affected",
"version": "\u003c 1.14.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service (DoS) vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the {{@}} variable combined with a pipe and an invalid JMESPath function (e.g., {{@ | non_existent_function }}). This leads to a nil value being substituted into the policy structure. Subsequent processing by internal functions, specifically getValueAsStringMap, which expect string values, results in a panic due to a type assertion failure (interface {} is nil, not string). This crashes Kyverno worker threads in the admission controller and causes continuous crashes of the reports controller pod. This is fixed in version 1.14.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T20:35:21.199Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kyverno/kyverno/security/advisories/GHSA-r5p3-955p-5ggq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-r5p3-955p-5ggq"
},
{
"name": "https://github.com/kyverno/kyverno/commit/cbd7d4ca24de1c55396fc3295e9fc3215832be7c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kyverno/kyverno/commit/cbd7d4ca24de1c55396fc3295e9fc3215832be7c"
}
],
"source": {
"advisory": "GHSA-r5p3-955p-5ggq",
"discovery": "UNKNOWN"
},
"title": "Kyverno\u0027s Improper JMESPath Variable Evaluation Leads to Denial of Service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47281",
"datePublished": "2025-07-23T20:35:21.199Z",
"dateReserved": "2025-05-05T16:53:10.373Z",
"dateUpdated": "2025-07-23T20:49:31.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47944 (GCVE-0-2025-47944)
Vulnerability from cvelistv5 – Published: 2025-05-19 19:20 – Updated: 2025-05-20 13:13
Title
Multer vulnerable to Denial of Service from maliciously crafted requests
Summary
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.0 to receive a patch. No known workarounds are available.
Severity
7.5 (High)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/expressjs/multer/security/advi… | x_refsource_CONFIRM |
| https://github.com/expressjs/multer/issues/1176 | x_refsource_MISC |
| https://github.com/expressjs/multer/commit/2c8505… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47944",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T13:13:42.761276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:13:49.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "multer",
"vendor": "expressjs",
"versions": [
{
"status": "affected",
"version": "\u003e=1.4.4-lts.1, \u003c2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.0 to receive a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-19T19:20:45.401Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h"
},
{
"name": "https://github.com/expressjs/multer/issues/1176",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/expressjs/multer/issues/1176"
},
{
"name": "https://github.com/expressjs/multer/commit/2c8505f207d923dd8de13a9f93a4563e59933665",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/expressjs/multer/commit/2c8505f207d923dd8de13a9f93a4563e59933665"
}
],
"source": {
"advisory": "GHSA-4pg4-qvpc-4q3h",
"discovery": "UNKNOWN"
},
"title": "Multer vulnerable to Denial of Service from maliciously crafted requests"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47944",
"datePublished": "2025-05-19T19:20:45.401Z",
"dateReserved": "2025-05-14T10:32:43.530Z",
"dateUpdated": "2025-05-20T13:13:49.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48430 (GCVE-0-2025-48430)
Vulnerability from cvelistv5 – Published: 2025-10-23 03:39 – Updated: 2025-10-23 15:26
Summary
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.
This issue affects Command Centre Server:
9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
Severity
5.5 (Medium)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre Server | Affected: 0 , ≤ 8.90 (custom); Affected: 9.30 , < 9.30.2482 (MR2) (custom); Affected: 9.20 , < 9.20.2819 (MR4) (custom); Affected: 9.10 , < 9.10.3672 (MR7) (custom); Affected: 9.00 , < 9.00.3831 (MR8) (custom) | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T15:26:15.583401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T15:26:56.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre Server",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.30.2482 (MR2)",
"status": "affected",
"version": "9.30",
"versionType": "custom"
},
{
"lessThan": "9.20.2819 (MR4)",
"status": "affected",
"version": "9.20",
"versionType": "custom"
},
{
"lessThan": "9.10.3672 (MR7)",
"status": "affected",
"version": "9.10",
"versionType": "custom"
},
{
"lessThan": "9.00.3831 (MR8)",
"status": "affected",
"version": "9.00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre Server: \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e9.30 prior to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T03:39:31.438Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48430"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2025-48430",
"datePublished": "2025-10-23T03:39:31.438Z",
"dateReserved": "2025-06-17T02:18:59.246Z",
"dateUpdated": "2025-10-23T15:26:56.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48907 (GCVE-0-2025-48907)
Vulnerability from cvelistv5 – Published: 2025-06-06 06:41 – Updated: 2025-06-09 13:26
Summary
Deserialization vulnerability in the IPC module
Impact: Successful exploitation of this vulnerability may affect availability.
Severity
6.2 (Medium)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:26:09.519407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:26:13.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization vulnerability in the IPC module\u003cbr\u003eImpact: Successful exploitation of this vulnerability may affect availability."
}
],
"value": "Deserialization vulnerability in the IPC module\nImpact: Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T06:41:03.604Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2025/6/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2025-48907",
"datePublished": "2025-06-06T06:41:03.604Z",
"dateReserved": "2025-05-28T08:10:04.503Z",
"dateUpdated": "2025-06-09T13:26:13.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48942 (GCVE-0-2025-48942)
Vulnerability from cvelistv5 – Published: 2025-05-30 18:33 – Updated: 2025-05-30 20:37
Title
vLLM DOS: Remotely kill vllm over http with invalid JSON schema
Summary
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with an invalid json_schema as a Guided Param kills the vllm server. This vulnerability is similar to GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, which concerns regex instead of a JSON schema. Version 0.9.0 fixes the issue.
Severity
6.5 (Medium)
CWE
- CWE-248 - Uncaught Exception
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/vllm-project/vllm/security/adv… | x_refsource_CONFIRM |
| https://github.com/vllm-project/vllm/issues/17248 | x_refsource_MISC |
| https://github.com/vllm-project/vllm/pull/17623 | x_refsource_MISC |
| https://github.com/vllm-project/vllm/commit/08bf7… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| vllm-project | vllm | Affected: >= 0.8.0, < 0.9.0 | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48942",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T20:36:50.679547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T20:37:06.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "vllm",
"vendor": "vllm-project",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.8.0, \u003c 0.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with a invalid json_schema as a Guided Param kills the vllm server. This vulnerability is similar GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex instead of a JSON schema. Version 0.9.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T18:37:10.641Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/vllm-project/vllm/security/advisories/GHSA-6qc9-v4r8-22xg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-6qc9-v4r8-22xg"
},
{
"name": "https://github.com/vllm-project/vllm/issues/17248",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vllm-project/vllm/issues/17248"
},
{
"name": "https://github.com/vllm-project/vllm/pull/17623",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vllm-project/vllm/pull/17623"
},
{
"name": "https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff"
}
],
"source": {
"advisory": "GHSA-6qc9-v4r8-22xg",
"discovery": "UNKNOWN"
},
"title": "vLLM DOS: Remotely kill vllm over http with invalid JSON schema"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48942",
"datePublished": "2025-05-30T18:33:40.488Z",
"dateReserved": "2025-05-28T18:49:07.581Z",
"dateUpdated": "2025-05-30T20:37:06.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.