CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
CVE-2025-0426 (GCVE-0-2025-0426)
Vulnerability from cvelistv5 – Published: 2025-02-13 15:16 – Updated: 2025-02-13 17:02
VLAI
Summary
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.
Severity
6.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Kubernetes | kubelet |
Affected:
1.32.0 , ≤ 1.32.1
(semver)
Affected: 1.31.0 , ≤ 1.31.5 (semver) Affected: 1.30.0 , ≤ 1.30.9 (semver) Unaffected: 1.32.2 Unaffected: 1.31.6 Unaffected: 1.30.10 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T16:29:18.956503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T16:29:27.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-13T17:02:37.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "1.32.1",
"status": "affected",
"version": "1.32.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.31.5",
"status": "affected",
"version": "1.31.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.30.9",
"status": "affected",
"version": "1.30.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.32.2"
},
{
"status": "unaffected",
"version": "1.31.6"
},
{
"status": "unaffected",
"version": "1.30.10"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eOnly clusters \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003erunning an affected version with the kubelet read-only HTTP port enabled and using a container runtime that supports the container checkpointing feature, such as CRI-O v1.25.0+ (with \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eenable_criu_support\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;set to \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003etrue\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e) or containerd v2.0+ with \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003ecriu\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;installed, are affected.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Only clusters running an affected version with the kubelet read-only HTTP port enabled and using a container runtime that supports the container checkpointing feature, such as CRI-O v1.25.0+ (with enable_criu_support\u00a0set to true) or containerd v2.0+ with criu\u00a0installed, are affected."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Allclair"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eA security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node\u0027s disk. \u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node\u0027s disk."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T15:16:13.703Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/130016"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2025-0426",
"datePublished": "2025-02-13T15:16:13.703Z",
"dateReserved": "2025-01-13T15:08:34.825Z",
"dateUpdated": "2025-02-13T17:02:37.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0704 (GCVE-0-2025-0704)
Vulnerability from cvelistv5 – Published: 2025-01-24 18:31 – Updated: 2025-01-24 20:57
VLAI
Title
JoeyBling bootplus QrCodeController.java qrCode resource consumption
Summary
A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument w/h leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity
5.3 (Medium)
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.293232 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.293232 | signaturepermissions-required |
| https://vuldb.com/?submit.480843 | third-party-advisory |
| https://github.com/JoeyBling/bootplus/issues/26 | issue-tracking |
| https://github.com/JoeyBling/bootplus/issues/26#i… | exploitissue-tracking |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0704",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T20:57:21.401593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T20:57:42.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bootplus",
"vendor": "JoeyBling",
"versions": [
{
"status": "affected",
"version": "247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LVZC3 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument w/h leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in JoeyBling bootplus bis 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um die Funktion qrCode der Datei src/main/java/io/github/controller/QrCodeController.java. Mittels dem Manipulieren des Arguments w/h mit unbekannten Daten kann eine resource consumption-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T18:31:07.998Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-293232 | JoeyBling bootplus QrCodeController.java qrCode resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.293232"
},
{
"name": "VDB-293232 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.293232"
},
{
"name": "Submit #480843 | JoeyBling bootplus 1.0 DDOS",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.480843"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/JoeyBling/bootplus/issues/26"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/JoeyBling/bootplus/issues/26#issue-2786934642"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-24T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-24T10:51:49.000Z",
"value": "VulDB entry last update"
}
],
"title": "JoeyBling bootplus QrCodeController.java qrCode resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-0704",
"datePublished": "2025-01-24T18:31:07.998Z",
"dateReserved": "2025-01-24T09:46:43.506Z",
"dateUpdated": "2025-01-24T20:57:42.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10470 (GCVE-0-2025-10470)
Vulnerability from cvelistv5 – Published: 2026-05-11 10:16 – Updated: 2026-05-11 12:38
VLAI
Title
Denial-of-Service via Magic Link Authentication in WSO2 Identity Server Allows Service Unavailability
Summary
The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth.
This vulnerability can result in a denial-of-service condition, causing service unavailability for deployments that utilize the Magic Link authenticator. The impact is limited to these specific deployments and requires repeated invalid authentication attempts to trigger.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.docs.wso2.com/en/latest/security… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| WSO2 | WSO2 Identity Server |
Affected:
7.0.0 , < 7.0.0.121
(custom)
|
|
| WSO2 | WSO2 Carbon MagicLink Authenticator Module |
Affected:
1.1.22 , < 1.1.22.3
(custom)
Unaffected: 1.1.31 , ≤ * (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T12:38:30.354857Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T12:38:39.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 Identity Server",
"vendor": "WSO2",
"versions": [
{
"lessThan": "7.0.0.121",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.identity.local.auth.magiclink:org.wso2.carbon.identity.application.authenticator.magiclink",
"product": "WSO2 Carbon MagicLink Authenticator Module",
"vendor": "WSO2",
"versions": [
{
"lessThan": "1.1.22.3",
"status": "affected",
"version": "1.1.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "1.1.31",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.121",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:wso2_carbon_magiclink_authenticator_module:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.22.3",
"versionStartIncluding": "1.1.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:wso2_carbon_magiclink_authenticator_module:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "1.1.31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth.\n\nThis vulnerability can result in a denial-of-service condition, causing service unavailability for deployments that utilize the Magic Link authenticator. The impact is limited to these specific deployments and requires repeated invalid authentication attempts to trigger."
}
],
"value": "The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth.\n\nThis vulnerability can result in a denial-of-service condition, causing service unavailability for deployments that utilize the Magic Link authenticator. The impact is limited to these specific deployments and requires repeated invalid authentication attempts to trigger."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132 CAPEC-132: Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T10:16:52.358Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-4469/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-4469/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-4469/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-4469/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4469",
"discovery": "INTERNAL"
},
"title": "Denial-of-Service via Magic Link Authentication in WSO2 Identity Server Allows Service Unavailability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-10470",
"datePublished": "2026-05-11T10:16:52.358Z",
"dateReserved": "2025-09-15T08:51:01.163Z",
"dateUpdated": "2026-05-11T12:38:39.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10932 (GCVE-0-2025-10932)
Vulnerability from cvelistv5 – Published: 2025-10-29 14:12 – Updated: 2025-10-29 14:33
VLAI
Title
AS2 module allows uncontrolled file uploads
Summary
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Progress | MOVEit Transfer |
Affected:
2025.0.0 , < 2025.0.3
(semver)
Affected: 2024.1.0 , < 2024.1.7 (semver) Affected: 2023.1.0 , < 2023.1.16 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T14:32:20.694306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:33:14.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AS2"
],
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2025.0.3",
"status": "affected",
"version": "2025.0.0",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024.1.0",
"versionType": "semver"
},
{
"lessThan": "2023.1.16",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).\u003cp\u003eThis issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:12:33.439Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-10932-October-29-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AS2 module allows uncontrolled file uploads",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10932",
"datePublished": "2025-10-29T14:12:33.439Z",
"dateReserved": "2025-09-24T17:13:32.630Z",
"dateUpdated": "2025-10-29T14:33:14.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11274 (GCVE-0-2025-11274)
Vulnerability from cvelistv5 – Published: 2025-10-05 00:02 – Updated: 2026-02-24 06:40
VLAI
Title
Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile allocation of resources
Summary
A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.327008 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.327008 | signaturepermissions-required |
| https://vuldb.com/?submit.658075 | third-party-advisory |
| https://github.com/assimp/assimp/issues/6356 | issue-tracking |
| https://github.com/user-attachments/files/2240757… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Open Asset Import Library | Assimp |
Affected:
6.0.2
cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11274",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T20:13:58.778912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T20:14:06.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*"
],
"product": "Assimp",
"vendor": "Open Asset Import Library",
"versions": [
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "sand (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T06:40:05.515Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-327008 | Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile allocation of resources",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.327008"
},
{
"name": "VDB-327008 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.327008"
},
{
"name": "Submit #658075 | Open Asset Import Library Assimp 6.0.2 / master commit 0581ed5 Uncontrolled Memory Allocation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.658075"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/assimp/assimp/issues/6356"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/user-attachments/files/22407575/poc.zip"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-11T07:42:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile allocation of resources"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-11274",
"datePublished": "2025-10-05T00:02:07.007Z",
"dateReserved": "2025-10-04T06:02:46.519Z",
"dateUpdated": "2026-02-24T06:40:05.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11635 (GCVE-0-2025-11635)
Vulnerability from cvelistv5 – Published: 2025-10-12 14:02 – Updated: 2025-10-16 05:39
VLAI
Title
Tomofun Furbo 360 File Upload resource consumption
Summary
A weakness has been identified in Tomofun Furbo 360 up to FB0035_FW_036. This vulnerability affects unknown code of the component File Upload. This manipulation causes resource consumption. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.328046 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.328046 | signaturepermissions-required |
| https://vuldb.com/?submit.661354 | third-party-advisory |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T15:09:13.827097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T15:09:19.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"File Upload"
],
"product": "Furbo 360",
"vendor": "Tomofun",
"versions": [
{
"status": "affected",
"version": "FB0035_FW_036"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Calvin Star (Software Secured)"
},
{
"lang": "en",
"type": "finder",
"value": "Julian B (Software Secured)"
},
{
"lang": "en",
"type": "reporter",
"value": "jTag Labs (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "jTag Labs (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in Tomofun Furbo 360 up to FB0035_FW_036. This vulnerability affects unknown code of the component File Upload. This manipulation causes resource consumption. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Tomofun Furbo 360 up to FB0035_FW_036 wurde eine Schwachstelle gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Komponente File Upload. Die Ver\u00e4nderung resultiert in resource consumption. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:X",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:X",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:ND",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T05:39:24.123Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-328046 | Tomofun Furbo 360 File Upload resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.328046"
},
{
"name": "VDB-328046 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.328046"
},
{
"name": "Submit #661354 | Tomofun Furbo 360 \u2264 FB0035_FW_036 Uncontrolled Resource Consumption",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.661354"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-15T20:00:00.000Z",
"value": "Vulnerability found"
},
{
"lang": "en",
"time": "2025-06-21T23:00:00.000Z",
"value": "Vendor informed"
},
{
"lang": "en",
"time": "2025-07-03T04:30:00.000Z",
"value": "Vendor acknowledged"
},
{
"lang": "en",
"time": "2025-10-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-11T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-16T07:44:14.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tomofun Furbo 360 File Upload resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-11635",
"datePublished": "2025-10-12T14:02:05.607Z",
"dateReserved": "2025-10-11T18:32:25.348Z",
"dateUpdated": "2025-10-16T05:39:24.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11681 (GCVE-0-2025-11681)
Vulnerability from cvelistv5 – Published: 2025-11-17 11:30 – Updated: 2026-02-23 10:33
VLAI
Title
Denial of Service condition in M-Files Server
Summary
Denial-of-service condition in M-Files Server versions before 25.11.15392.1, before 25.2 LTS SR2 and before 25.8 LTS SR2 allows an authenticated user to cause the MFserver process to crash.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://product.m-files.com/security-advisories/c… | vendor-advisory |
| https://empower.m-files.com/security-advisories/C… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| M-Files Corporation | M-Files Server |
Affected:
0 , < 25.11.15392.1
(custom)
Unaffected: 25.2.14524.13 Unaffected: 25.8.15085.17 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11681",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-17T14:35:26.225254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T14:36:42.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "M-Files Server",
"vendor": "M-Files Corporation",
"versions": [
{
"lessThan": "25.11.15392.1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "25.2.14524.13"
},
{
"status": "unaffected",
"version": "25.8.15085.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Denial-of-service condition in M-Files Server versions before 25.11.15392.1, before 25.2 LTS SR2 and before 25.8 LTS SR2 allows an authenticated user to cause the MFserver process to crash.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Denial-of-service condition in M-Files Server versions before 25.11.15392.1, before 25.2 LTS SR2 and before 25.8 LTS SR2 allows an authenticated user to cause the MFserver process to crash."
}
],
"impacts": [
{
"capecId": "CAPEC-492",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-492 Regular Expression Exponential Blowup"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T10:33:40.472Z",
"orgId": "bcf7a16e-bfdc-46e4-9e42-4187da3f4410",
"shortName": "M-Files Corporation"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://product.m-files.com/security-advisories/cve-2025-11681/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://empower.m-files.com/security-advisories/CVE-2025-11681"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Denial of Service condition in M-Files Server",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround available on affected versions.\u003cbr\u003e"
}
],
"value": "No workaround available on affected versions."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bcf7a16e-bfdc-46e4-9e42-4187da3f4410",
"assignerShortName": "M-Files Corporation",
"cveId": "CVE-2025-11681",
"datePublished": "2025-11-17T11:30:25.324Z",
"dateReserved": "2025-10-13T10:29:59.870Z",
"dateUpdated": "2026-02-23T10:33:40.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12194 (GCVE-0-2025-12194)
Vulnerability from cvelistv5 – Published: 2025-10-24 22:51 – Updated: 2025-10-27 15:21
VLAI
Summary
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java.
This issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Legion of the Bouncy Castle Inc. | Bouncy Castle for Java FIPS |
Affected:
2.1.0 , ≤ 2.1.1
(maven)
|
|
| Legion of the Bouncy Castle Inc. | Bouncy Castle for Java LTS |
Affected:
2.73.0 , ≤ 2.73.7
(maven)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:21:29.159919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:21:41.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
"defaultStatus": "unaffected",
"modules": [
"API"
],
"packageName": "bc-fips",
"platforms": [
"All"
],
"product": "Bouncy Castle for Java FIPS",
"programFiles": [
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.java"
],
"repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
"vendor": "Legion of the Bouncy Castle Inc.",
"versions": [
{
"lessThanOrEqual": "2.1.1",
"status": "affected",
"version": "2.1.0",
"versionType": "maven"
}
]
},
{
"collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
"defaultStatus": "unaffected",
"modules": [
"API"
],
"packageName": "bcprov-lts8on",
"platforms": [
"All"
],
"product": "Bouncy Castle for Java LTS",
"programFiles": [
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.java",
"core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.java"
],
"repo": "https://github.com/bcgit/bc-lts-java",
"vendor": "Legion of the Bouncy Castle Inc.",
"versions": [
{
"lessThanOrEqual": "2.73.7",
"status": "affected",
"version": "2.73.0",
"versionType": "maven"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:*:*:all:*:*:*:*:*",
"versionEndIncluding": "2.1.1",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
"versionEndIncluding": "2.73.7",
"versionStartIncluding": "2.73.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T23:01:19.091Z",
"orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"shortName": "bcorg"
},
"references": [
{
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9012194"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"assignerShortName": "bcorg",
"cveId": "CVE-2025-12194",
"datePublished": "2025-10-24T22:51:36.942Z",
"dateReserved": "2025-10-24T20:54:20.444Z",
"dateUpdated": "2025-10-27T15:21:41.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-13466 (GCVE-0-2025-13466)
Vulnerability from cvelistv5 – Published: 2025-11-24 18:29 – Updated: 2025-11-24 18:57
VLAI
Title
body-parser vulnerable to denial of service when url encoding is used
Summary
body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic.
This issue is addressed in version 2.2.1.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/expressjs/body-parser/security… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| body-parser | body-parser |
Affected:
2.2.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T18:56:18.998047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T18:57:00.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "body-parser",
"product": "body-parser",
"repo": "https://github.com/expressjs/body-parser",
"vendor": "body-parser",
"versions": [
{
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Phillip Barta"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Sebastian Beltran"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Chris de Almeida"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Jean Burellier"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003ebody-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic.\u003cbr\u003e\u003cp\u003eThis issue is addressed in version 2.2.1.\u003c/p\u003e"
}
],
"value": "body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic.\nThis issue is addressed in version 2.2.1."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:P/AU:Y",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T18:29:36.725Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4"
}
],
"source": {
"advisory": "GHSA-wqch-xfxh-vrr4",
"discovery": "INTERNAL"
},
"title": "body-parser vulnerable to denial of service when url encoding is used",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2025-13466",
"datePublished": "2025-11-24T18:29:36.725Z",
"dateReserved": "2025-11-20T02:16:16.283Z",
"dateUpdated": "2025-11-24T18:57:00.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15532 (GCVE-0-2025-15532)
Vulnerability from cvelistv5 – Published: 2026-01-17 16:32 – Updated: 2026-02-26 15:58 X_Open Source
VLAI
Title
Open5GS Timer resource consumption
Summary
A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.341599 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.341599 | signaturepermissions-required |
| https://vuldb.com/?submit.729354 | third-party-advisory |
| https://vuldb.com/?submit.729357 | third-party-advisory |
| https://vuldb.com/?submit.735340 | third-party-advisory |
| https://vuldb.com/?submit.735341 | third-party-advisory |
| https://vuldb.com/?submit.735342 | third-party-advisory |
| https://github.com/open5gs/open5gs/issues/4220 | issue-tracking |
| https://github.com/open5gs/open5gs/issues/4221 | issue-tracking |
| https://github.com/open5gs/open5gs/issues/4220#is… | exploitissue-tracking |
| https://github.com/open5gs/open5gs/commit/c7c131f… | patch |
| https://github.com/open5gs/open5gs/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15532",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T21:27:08.727039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:58:53.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*"
],
"modules": [
"Timer Handler"
],
"product": "Open5GS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.7.0"
},
{
"status": "affected",
"version": "2.7.1"
},
{
"status": "affected",
"version": "2.7.2"
},
{
"status": "affected",
"version": "2.7.3"
},
{
"status": "affected",
"version": "2.7.4"
},
{
"status": "affected",
"version": "2.7.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZiyuLin (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T08:32:45.380Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-341599 | Open5GS Timer resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.341599"
},
{
"name": "VDB-341599 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.341599"
},
{
"name": "Submit #729354 | Open5GS SGWC v2.7.6 Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729354"
},
{
"name": "Submit #729357 | Open5GS SGWC v2.7.6 Denial of Service (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729357"
},
{
"name": "Submit #735340 | Open5GS SMF v2.7.6 Denial of Service (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.735340"
},
{
"name": "Submit #735341 | Open5GS SGWC v2.7.6 Denial of Service (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.735341"
},
{
"name": "Submit #735342 | Open5GS SGWC v2.7.6 Denial of Service (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.735342"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4220"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4221"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4220#issue-3766066853"
},
{
"tags": [
"patch"
],
"url": "https://github.com/open5gs/open5gs/commit/c7c131f8d2cb1195ada5e0e691b6868ebcd8a845"
},
{
"tags": [
"product"
],
"url": "https://github.com/open5gs/open5gs/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-09T21:59:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open5GS Timer resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15532",
"datePublished": "2026-01-17T16:32:07.558Z",
"dateReserved": "2026-01-16T16:35:56.438Z",
"dateUpdated": "2026-02-26T15:58:53.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation
Phase: Architecture and Design
Description:
- Mitigation of resource exhaustion attacks requires that the target system either:
- The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
- The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
- recognizes the attack and denies that user further access for a given amount of time, or
- uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that protocols have specific limits of scale placed on them.
Mitigation
Phase: Implementation
Description:
- Ensure that all failures in resource allocation place the system into a safe posture.
CAPEC-147: XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
CAPEC-227: Sustained Client Engagement
An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.
CAPEC-492: Regular Expression Exponential Blowup
An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.