CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
CVE-2025-8262 (GCVE-0-2025-8262)
Vulnerability from cvelistv5 – Published: 2025-07-28 07:02 – Updated: 2025-07-28 17:16

| URL | Tags |
|---|---|
| https://vuldb.com/?id.317850 | vdb-entry, technical-description |
| https://vuldb.com/?ctiid.317850 | signature, permissions-required |
| https://vuldb.com/?submit.617393 | third-party-advisory |
| https://github.com/yarnpkg/yarn/pull/9199 | issue-tracking |
| https://github.com/yarnpkg/yarn/pull/9199/commits… | issue-tracking, patch |

| Vendor | Product | Version |
|---|---|---|
| yarnpkg | Yarn | Affected: 1.22.0, 1.22.1, 1.22.2, 1.22.3, 1.22.4, 1.22.5, 1.22.6, 1.22.7, 1.22.8, 1.22.9, 1.22.10, 1.22.11, 1.22.12, 1.22.13, 1.22.14, 1.22.15, 1.22.16, 1.22.17, 1.22.18, 1.22.19, 1.22.20, 1.22.21, 1.22.22 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8262",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T17:13:41.425895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T17:16:45.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Yarn",
"vendor": "yarnpkg",
"versions": [
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.22.5"
},
{
"status": "affected",
"version": "1.22.6"
},
{
"status": "affected",
"version": "1.22.7"
},
{
"status": "affected",
"version": "1.22.8"
},
{
"status": "affected",
"version": "1.22.9"
},
{
"status": "affected",
"version": "1.22.10"
},
{
"status": "affected",
"version": "1.22.11"
},
{
"status": "affected",
"version": "1.22.12"
},
{
"status": "affected",
"version": "1.22.13"
},
{
"status": "affected",
"version": "1.22.14"
},
{
"status": "affected",
"version": "1.22.15"
},
{
"status": "affected",
"version": "1.22.16"
},
{
"status": "affected",
"version": "1.22.17"
},
{
"status": "affected",
"version": "1.22.18"
},
{
"status": "affected",
"version": "1.22.19"
},
{
"status": "affected",
"version": "1.22.20"
},
{
"status": "affected",
"version": "1.22.21"
},
{
"status": "affected",
"version": "1.22.22"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mmmsssttt (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The patch is identified as 97731871e674bf93bcbf29e9d3258da8685f3076. It is recommended to apply a patch to fix this issue."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in yarnpkg Yarn bis 1.22.22 ausgemacht. Es betrifft die Funktion explodeHostedGitFragment der Datei src/resolvers/exotics/hosted-git-resolver.js. Mittels dem Manipulieren mit unbekannten Daten kann eine inefficient regular expression complexity-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als 97731871e674bf93bcbf29e9d3258da8685f3076 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T07:02:05.616Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-317850 | yarnpkg Yarn hosted-git-resolver.js explodeHostedGitFragment redos",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.317850"
},
{
"name": "VDB-317850 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.317850"
},
{
"name": "Submit #617393 | Yarn v1.22.22 Inefficient Regular Expression Complexity",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.617393"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/yarnpkg/yarn/pull/9199"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/yarnpkg/yarn/pull/9199/commits/97731871e674bf93bcbf29e9d3258da8685f3076"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-07-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-07-26T18:29:39.000Z",
"value": "VulDB entry last update"
}
],
"title": "yarnpkg Yarn hosted-git-resolver.js explodeHostedGitFragment redos"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-8262",
"datePublished": "2025-07-28T07:02:05.616Z",
"dateReserved": "2025-07-26T16:24:06.079Z",
"dateUpdated": "2025-07-28T17:16:45.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8449 (GCVE-0-2025-8449)
Vulnerability from cvelistv5 – Published: 2025-08-20 13:55 – Updated: 2025-09-09 20:50

- CWE-400 - Uncontrolled Resource Consumption

| Vendor | Product | Version |
|---|---|---|
| Schneider Electric | EcoStruxure Building Operation Enterprise Server | Affected: All 7.x versions, < 7.0.2.348 (version); Unaffected: All 6.x versions, < 6.0.4.10001 (CP8) (version); Affected: All 5.x versions, < 5.0.3.17009 (CP16) (version) |
| Schneider Electric | EcoStruxure Enterprise Server | Unaffected: All 7.x versions, < 7.0.2.348 (version); Affected: All 6.x versions, < 6.0.4.10001 (CP8) (version); Affected: All 5.x versions, < 5.0.3.17009 (CP16) (version) |
| Schneider Electric | EcoStruxure Building Operation Workstation | Affected: All 7.x versions, < 7.0.2.348 (version); Affected: All 6.x versions, < 6.0.4.10001 (CP8) (version); Affected: All 5.x versions, < 5.0.3.17009 (CP16) (version) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T17:10:39.552635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T17:10:46.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Building Operation Enterprise Server",
"vendor": "Schnieder Electric",
"versions": [
{
"lessThan": "7.0.2.348",
"status": "affected",
"version": "All 7.x versions",
"versionType": "version"
},
{
"lessThan": "6.0.4.10001 (CP8)",
"status": "unaffected",
"version": "All 6.x versions",
"versionType": "version"
},
{
"lessThan": "5.0.3.17009 (CP16)",
"status": "affected",
"version": "All 5.x versions",
"versionType": "version"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Enterprise Server",
"vendor": "Schneider Electric",
"versions": [
{
"lessThan": "7.0.2.348",
"status": "unaffected",
"version": "All 7.x versions",
"versionType": "version"
},
{
"lessThan": "6.0.4.10001 (CP8)",
"status": "affected",
"version": "All 6.x versions",
"versionType": "version"
},
{
"lessThan": "5.0.3.17009 (CP16)",
"status": "affected",
"version": "All 5.x versions",
"versionType": "version"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Building Operation Workstation",
"vendor": "Schneider Eelctric",
"versions": [
{
"lessThan": "7.0.2.348",
"status": "affected",
"version": "All 7.x versions",
"versionType": "version"
},
{
"lessThan": "6.0.4.10001 (CP8)",
"status": "affected",
"version": "All 6.x versions",
"versionType": "version"
},
{
"lessThan": "5.0.3.17009 (CP16)",
"status": "affected",
"version": "All 5.x versions",
"versionType": "version"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network."
}
],
"value": "CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T20:50:55.766Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-224-04.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2025-8449",
"datePublished": "2025-08-20T13:55:34.397Z",
"dateReserved": "2025-07-31T21:02:44.262Z",
"dateUpdated": "2025-09-09T20:50:55.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8537 (GCVE-0-2025-8537)
Vulnerability from cvelistv5 – Published: 2025-08-05 00:32 – Updated: 2025-08-05 13:46

| URL | Tags |
|---|---|
| https://vuldb.com/?id.318666 | vdb-entry, technical-description |
| https://vuldb.com/?ctiid.318666 | signature, permissions-required |
| https://vuldb.com/?submit.619602 | third-party-advisory |
| https://github.com/axiomatic-systems/Bento4/issues/1037 | issue-tracking |
| https://drive.google.com/file/d/1AkRpx3wcMy3Ic9tQ… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8537",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-05T13:46:41.526927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T13:46:44.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/axiomatic-systems/Bento4/issues/1037"
},
{
"tags": [
"exploit"
],
"url": "https://vuldb.com/?submit.619602"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"mp4decrypt"
],
"product": "Bento4",
"vendor": "Axiomatic",
"versions": [
{
"status": "affected",
"version": "1.6.0-641"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Axiomatic Bento4 bis 1.6.0-641 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist die Funktion AP4_DataBuffer::SetDataSize der Datei Mp4Decrypt.cpp der Komponente mp4decrypt. Durch das Manipulieren mit unbekannten Daten kann eine allocation of resources-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T00:32:06.097Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-318666 | Axiomatic Bento4 mp4decrypt Mp4Decrypt.cpp SetDataSize allocation of resources",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.318666"
},
{
"name": "VDB-318666 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.318666"
},
{
"name": "Submit #619602 | bento4 mp4decrypt the newest master SIGABRT, Assertion Failure",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.619602"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/axiomatic-systems/Bento4/issues/1037"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1AkRpx3wcMy3Ic9tQeQyRJybBipK72aQO/view?usp=drive_link"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-04T14:20:38.000Z",
"value": "VulDB entry last update"
}
],
"title": "Axiomatic Bento4 mp4decrypt Mp4Decrypt.cpp SetDataSize allocation of resources"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-8537",
"datePublished": "2025-08-05T00:32:06.097Z",
"dateReserved": "2025-08-04T12:11:40.801Z",
"dateUpdated": "2025-08-05T13:46:44.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8849 (GCVE-0-2025-8849)
Vulnerability from cvelistv5 – Published: 2025-10-30 23:42 – Updated: 2025-10-31 15:09

- CWE-400 - Uncontrolled Resource Consumption

| Vendor | Product | Version |
|---|---|---|
| danny-avila | danny-avila/librechat | Affected: unspecified, < v0.8.0-rc2 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8849",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:59:52.273037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T15:09:34.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "danny-avila/librechat",
"vendor": "danny-avila",
"versions": [
{
"lessThan": "v0.8.0-rc2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded parameter values in the `/api/memories` endpoint. The `key` and `value` parameters accept arbitrarily large inputs without proper validation, leading to a null pointer error in the Rust-based backend when excessively large values are submitted. This results in the inability to create new memories, impacting the stability of the service."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T23:42:41.552Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/e9d9404c-cd19-4226-a580-9cba14b7d7d6"
},
{
"url": "https://github.com/danny-avila/librechat/commit/edf33bedcbb08c33e59df76f06454ed7efd896f9"
}
],
"source": {
"advisory": "e9d9404c-cd19-4226-a580-9cba14b7d7d6",
"discovery": "EXTERNAL"
},
"title": "Denial of Service in danny-avila/librechat"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2025-8849",
"datePublished": "2025-10-30T23:42:41.552Z",
"dateReserved": "2025-08-10T18:16:35.321Z",
"dateUpdated": "2025-10-31T15:09:34.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8872 (GCVE-0-2025-8872)
Vulnerability from cvelistv5 – Published: 2025-12-16 19:32 – Updated: 2025-12-16 19:51

- CWE-400 - Uncontrolled Resource Consumption

| Vendor | Product | Version |
|---|---|---|
| Arista Networks | EOS | Affected: 4.34.0, ≤ 4.34.1F (custom); Affected: 4.33.0, ≤ 4.33.4M (custom); Affected: 4.32.0, ≤ 4.32.7M (custom); Affected: 4.31.0, ≤ 4.31.8M (custom); Affected: 0, ≤ 4.31.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T19:50:49.156832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T19:51:10.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"710/710XP Series",
"720XP/722XPM Series",
"750X Series",
"7010 Series",
"7010X Series",
"7020R Series",
"7130 Series running EOS",
"7150 Series",
"7160 Series",
"7170 Series",
"7050X/X2/X3/X4 Series",
"7060X/X2/X4/X5/X6 Series",
"7250X Series",
"7260X/X3 Series",
"7280E/R/R2/R3 Series",
"7300X/X3 Series",
"7320X Series",
"7358X4 Series",
"7368X4 Series",
"7388X5 Series",
"7500E/R/R2/R3 Series",
"7700R4 Series",
"7800R3/R4 Series",
"AWE 5000 Series",
"AWE 7200R Series",
"CloudEOS",
"cEOS-lab",
"vEOS-lab",
"CloudVision eXchange",
"virtual or physical appliance"
],
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.34.1F",
"status": "affected",
"version": "4.34.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.33.4M",
"status": "affected",
"version": "4.33.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.32.7M",
"status": "affected",
"version": "4.32.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.31.8M",
"status": "affected",
"version": "4.31.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.31.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn order to be vulnerable to CVE-2025-8872, the following condition must be met:\u003c/p\u003e\u003cp\u003eThe OSFPv3 protocol must be configured in either the default or non default vrf and at least one neighbor must be present\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show ospfv3\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" with ID 192.0.2.0 and Instance 0 VRF default\n FIPS mode disabled\n Maximum number of LSAs allowed 0\n Exceed action disable\n LSA limit for warning message 75%\n Disabled-time 5 minutes, clear timeout 5 minutes\n Incident count 0, incident count limit 5\n It is an autonomous system boundary router and is not an area border router\n Minimum LSA arrival interval 1000 msecs\n Initial LSA throttle delay 1000 msecs\n Minimum hold time for LSA throttle 5000 msecs\n Maximum wait time for LSA throttle 5000 msecs\n It has 1 fully adjacent neighbors\n Number of areas in this router is 1. 1 normal, 0 stub, 0 nssa\n Number of LSAs 8\n Initial SPF schedule delay 0 msecs\n Minimum hold time between two consecutive SPFs 5000 msecs\n Current hold time between two consecutive SPFs 5000 msecs\n Maximum wait time between two consecutive SPFs 5000 msecs\n SPF algorithm last executed 00:04:52 ago\n No scheduled SPF\n Adjacency exchange-start threshold is 20\n Maximum number of next-hops supported in ECMP is 128\n Number of backbone neighbors is 0\n Graceful-restart is not configured\n Graceful-restart-helper mode is enabled\n Area 0.0.0.0\n Number of interface in this area is 1\n It is a normal area\n SPF algorithm executed 6 times\n \nswitch\u0026gt;show ospfv3 neighbor\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" Instance 0 VRF default\nNeighbor 192.0.3.0 VRF default priority is 1, state is Full\n In area 0.0.0.0 interface Ethernet4\n Adjacency was established 00:00:49 ago\n Current state was established 00:00:49 ago\n DR is 3.3.3.3 BDR is 2.2.2.2\n Options is E R V6\n Dead timer is due in 29 seconds\n Graceful-restart-helper mode is Inactive\n Graceful-restart attempts: 0\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf OSFPv3 is not configured there is no exposure to this issue and the show command will not produce any output\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show ospfv3\n \nswitch\u0026gt;show ospfv3 neighbor\u003c/pre\u003e\u003cbr\u003e"
}
],
"value": "In order to be vulnerable to CVE-2025-8872, the following condition must be met:\n\nThe OSFPv3 protocol must be configured in either the default or non default vrf and at least one neighbor must be present\n\nswitch\u003eshow ospfv3\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" with ID 192.0.2.0 and Instance 0 VRF default\n FIPS mode disabled\n Maximum number of LSAs allowed 0\n Exceed action disable\n LSA limit for warning message 75%\n Disabled-time 5 minutes, clear timeout 5 minutes\n Incident count 0, incident count limit 5\n It is an autonomous system boundary router and is not an area border router\n Minimum LSA arrival interval 1000 msecs\n Initial LSA throttle delay 1000 msecs\n Minimum hold time for LSA throttle 5000 msecs\n Maximum wait time for LSA throttle 5000 msecs\n It has 1 fully adjacent neighbors\n Number of areas in this router is 1. 1 normal, 0 stub, 0 nssa\n Number of LSAs 8\n Initial SPF schedule delay 0 msecs\n Minimum hold time between two consecutive SPFs 5000 msecs\n Current hold time between two consecutive SPFs 5000 msecs\n Maximum wait time between two consecutive SPFs 5000 msecs\n SPF algorithm last executed 00:04:52 ago\n No scheduled SPF\n Adjacency exchange-start threshold is 20\n Maximum number of next-hops supported in ECMP is 128\n Number of backbone neighbors is 0\n Graceful-restart is not configured\n Graceful-restart-helper mode is enabled\n Area 0.0.0.0\n Number of interface in this area is 1\n It is a normal area\n SPF algorithm executed 6 times\n \nswitch\u003eshow ospfv3 neighbor\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" Instance 0 VRF default\nNeighbor 192.0.3.0 VRF default priority is 1, state is Full\n In area 0.0.0.0 interface Ethernet4\n Adjacency was established 00:00:49 ago\n Current state was established 00:00:49 ago\n DR is 3.3.3.3 BDR is 2.2.2.2\n Options is E R V6\n Dead timer is due in 29 seconds\n Graceful-restart-helper mode is Inactive\n Graceful-restart attempts: 0\n\n\n\u00a0\n\nIf OSFPv3 is not configured there is no exposure to this issue and the show command will not produce any output\n\nswitch\u003eshow ospfv3\n \nswitch\u003eshow ospfv3 neighbor"
}
],
"datePublic": "2025-12-16T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOn affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch.\u003c/p\u003e\u003cp\u003eThis issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch.\n\nThis issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T19:32:20.528Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/23115-security-advisory-0128"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience.\u003c/p\u003e\u003cp\u003eArista recommends customers move to the latest version of each release that contains all the fixes listed below.\u003c/p\u003e\u003cp\u003eFor more information about upgrading see: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2025-8872 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.34.2F and later releases in the 4.34.x train\u003c/li\u003e\u003cli\u003e4.33.5M and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.8M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.9M and later releases in the 4.31.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nArista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nFor more information about upgrading see: EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2025-8872 has been fixed in the following releases:\n\n * 4.34.2F and later releases in the 4.34.x train\n * 4.33.5M and later releases in the 4.33.x train\n * 4.32.8M and later releases in the 4.32.x train\n * 4.31.9M and later releases in the 4.31.x train"
}
],
"source": {
"advisory": "128",
"defect": [
"BUG1203059"
],
"discovery": "INTERNAL"
},
"title": "A specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is no workaround to mitigate the issue.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There is no workaround to mitigate the issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-8872",
"datePublished": "2025-12-16T19:32:20.528Z",
"dateReserved": "2025-08-11T18:18:36.004Z",
"dateUpdated": "2025-12-16T19:51:10.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9092 (GCVE-0-2025-9092)
Vulnerability from cvelistv5 – Published: 2025-08-16 10:29 – Updated: 2025-08-18 18:08

- CWE-400 - Uncontrolled Resource Consumption

| Vendor | Product | Version |
|---|---|---|
| Legion of the Bouncy Castle Inc. | Bouncy Castle for Java - BC-FJA 2.1.0 | Affected: BC-FJA 2.1.0, ≤ 2.1.0 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-18T18:08:27.146804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-18T18:08:35.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
"defaultStatus": "unaffected",
"modules": [
"API"
],
"packageName": "bc-fips",
"platforms": [
"All"
],
"product": "Bouncy Castle for Java - BC-FJA 2.1.0",
"programFiles": [
"org.bouncycastle.crypto.fips.NativeLoader"
],
"vendor": "Legion of the Bouncy Castle Inc.",
"versions": [
{
"lessThanOrEqual": "2.1.0",
"status": "affected",
"version": "BC-FJA 2.1.0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg.Bouncycastle.Crypto.Fips.NativeLoader\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader.\n\nThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 1,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/R:U/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-16T10:29:59.417Z",
"orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"shortName": "bcorg"
},
"references": [
{
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity.\u003cbr\u003e"
}
],
"value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"assignerShortName": "bcorg",
"cveId": "CVE-2025-9092",
"datePublished": "2025-08-16T10:29:59.417Z",
"dateReserved": "2025-08-16T10:06:21.717Z",
"dateUpdated": "2025-08-18T18:08:35.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9278 (GCVE-0-2025-9278)
Vulnerability from cvelistv5 – Published: 2026-01-20 13:55 – Updated: 2026-01-20 16:42 – CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version |
|---|---|---|
| Rockwell Automation | ArmorStart® LT | Affected: V2.002 and below |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T16:42:44.056102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T16:42:53.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArmorStart\u00ae LT",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2.002 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T13:55:43.341Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
}
],
"source": {
"advisory": "SD1768",
"discovery": "INTERNAL"
},
"title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9278",
"datePublished": "2026-01-20T13:55:43.341Z",
"dateReserved": "2025-08-20T19:29:53.474Z",
"dateUpdated": "2026-01-20T16:42:53.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9279 (GCVE-0-2025-9279)
Vulnerability from cvelistv5 – Published: 2026-01-20 13:56 – Updated: 2026-01-20 16:42 – CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version |
|---|---|---|
| Rockwell Automation | ArmorStart® LT | Affected: V2.002 and below |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T16:42:07.471951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T16:42:17.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArmorStart\u00ae LT",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2.002 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T13:56:22.609Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
}
],
"source": {
"advisory": "SD1768",
"discovery": "INTERNAL"
},
"title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9279",
"datePublished": "2026-01-20T13:56:22.609Z",
"dateReserved": "2025-08-20T19:36:51.289Z",
"dateUpdated": "2026-01-20T16:42:17.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9280 (GCVE-0-2025-9280)
Vulnerability from cvelistv5 – Published: 2026-01-20 13:57 – Updated: 2026-01-20 16:39 – CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version |
|---|---|---|
| Rockwell Automation | ArmorStart® LT | Affected: V2.002 and below |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T16:39:25.344046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T16:39:32.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArmorStart\u00ae LT",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2.002 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T13:57:02.101Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
}
],
"source": {
"advisory": "SD1768",
"discovery": "INTERNAL"
},
"title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9280",
"datePublished": "2026-01-20T13:57:02.101Z",
"dateReserved": "2025-08-20T19:41:53.395Z",
"dateUpdated": "2026-01-20T16:39:32.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9281 (GCVE-0-2025-9281)
Vulnerability from cvelistv5 – Published: 2026-01-20 13:58 – Updated: 2026-01-20 16:38 – CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version |
|---|---|---|
| Rockwell Automation | ArmorStart® LT | Affected: V2.002 and below |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T16:38:34.715542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T16:38:42.562Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArmorStart\u00ae LT",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2.002 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eArmorStart\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots\u003c/span\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T13:58:24.186Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
}
],
"source": {
"advisory": "SD1768",
"discovery": "INTERNAL"
},
"title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9281",
"datePublished": "2026-01-20T13:58:24.186Z",
"dateReserved": "2025-08-20T19:44:00.771Z",
"dateUpdated": "2026-01-20T16:38:42.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation
Phase: Architecture and Design
Description:
- Mitigation of resource exhaustion attacks requires that the target system either:
  - recognizes the attack and denies that user further access for a given amount of time, or
  - uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
- The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
- The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
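The two strategies above (recognise-and-lock-out, and uniform throttling) and the rate-threshold tracking from the first mitigation can be combined in one request gate. The following is an added example written for this page, not code from CWE, CAPEC or any vendor record listed here; the thresholds, the `client_id` key and the injectable clock are illustrative assumptions. It also bounds the tracking table itself, since a per-client map that grows without limit is its own CWE-400 problem.

```python
import time
from dataclasses import dataclass

# Added example (not CWE/CAPEC text or any vendor's code). Thresholds, the
# client identifier and the clock are assumptions chosen for illustration.


@dataclass
class Bucket:
    tokens: float
    last: float
    blocked_until: float = 0.0


class RequestGate:
    """Per-client token bucket with lockout (strategy 1) behind a uniform
    global throttle (strategy 2)."""

    def __init__(self, rate=5.0, burst=10, lockout_s=60.0, global_rate=200.0,
                 max_clients=10_000, clock=time.monotonic):
        self.rate = rate                # sustained requests/second per client
        self.burst = burst              # short burst tolerated per client
        self.lockout_s = lockout_s      # seconds a flagged client is denied
        self.global_rate = global_rate  # requests/second for everyone combined
        self.max_clients = max_clients  # bound on the tracking table itself
        self.clock = clock
        self.buckets = {}
        self.global_bucket = Bucket(tokens=global_rate, last=clock())

    @staticmethod
    def _refill(bucket, rate, cap, now):
        bucket.tokens = min(cap, bucket.tokens + (now - bucket.last) * rate)
        bucket.last = now

    def _sweep(self, now):
        # The per-client table is a limited resource too: drop entries that
        # are idle and no longer locked out, then the oldest if still too many.
        idle = [cid for cid, b in self.buckets.items()
                if b.blocked_until <= now and now - b.last > self.lockout_s]
        for cid in idle:
            del self.buckets[cid]
        while len(self.buckets) > self.max_clients:
            oldest = min(self.buckets, key=lambda c: self.buckets[c].last)
            del self.buckets[oldest]

    def allow(self, client_id):
        """Return (allowed, reason) for one request from client_id."""
        now = self.clock()
        # Uniform throttle first: once the shared budget is spent nobody gets
        # through, so a flood from many fresh identities cannot starve the
        # back end. Legitimate users are slowed too; that is the trade-off
        # the mitigation text describes for the second strategy.
        g = self.global_bucket
        self._refill(g, self.global_rate, self.global_rate, now)
        if g.tokens < 1:
            return False, "global-throttle"

        b = self.buckets.get(client_id)
        if b is None:
            b = self.buckets[client_id] = Bucket(tokens=self.burst, last=now)
            if len(self.buckets) > self.max_clients:
                self._sweep(now)
        if now < b.blocked_until:
            return False, "locked-out"
        self._refill(b, self.rate, self.burst, now)
        if b.tokens < 1:
            # Burst exhausted: treat it as a recognised attack and deny this
            # identity for lockout_s. This is the first strategy's weakness:
            # if client_id can be spoofed, an attacker can trip this branch to
            # lock out a victim, so key it on something the attacker cannot
            # forge (an authenticated session, not a client-supplied header).
            b.blocked_until = now + self.lockout_s
            return False, "locked-out"
        b.tokens -= 1
        g.tokens -= 1
        return True, "ok"


if __name__ == "__main__":
    gate = RequestGate(rate=5.0, burst=3, lockout_s=60.0)
    for _ in range(5):
        print(gate.allow("client-a"))
```

The global bucket is checked before the per-client one on purpose: the per-client lookup is itself work an attacker can force, and the uniform throttle caps how much of it the server does per second regardless of how many identities the attacker presents.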
Mitigation
Phase: Architecture and Design
Description:
- Ensure that protocols have specific limits of scale placed on them.
Mitigation
Phase: Implementation
Description:
- Ensure that all failures in resource allocation place the system into a safe posture.
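The two implementation-level points above, a declared limit of scale on the protocol and a safe posture when a limit is hit, look like this in a length-prefixed message reader. This is an added example written for this page, not code from CWE or from any product in the records above; the wire format (4-byte big-endian length followed by the payload) and the limit values are assumptions for illustration.

```python
import struct

# Added example (not CWE text or any vendor's code). The wire format and the
# limit values below are assumptions chosen for illustration.

HEADER = struct.Struct("!I")          # assumed: 4-byte big-endian payload length
MAX_FRAME_BYTES = 64 * 1024           # assumed limit for a single message
MAX_FRAMES_PER_CONN = 10_000          # assumed limit on messages per connection


class ProtocolLimitExceeded(Exception):
    """A peer broke a declared limit. The only safe response is to drop it."""


def unsafe_payload_size(header):
    """The anti-pattern: the peer's length field decides how much we allocate."""
    (length,) = HEADER.unpack(header)
    return length          # a 4-byte header can demand a 4 GiB buffer


class FrameReader:
    """Reassembles frames from socket chunks without trusting the peer's sizes."""

    def __init__(self, max_frame=MAX_FRAME_BYTES, max_frames=MAX_FRAMES_PER_CONN):
        self.max_frame = max_frame
        self.max_frames = max_frames
        self.buf = bytearray()
        self.frames_seen = 0
        self.closed = False

    def _fail(self, why):
        # Safe posture: discard partial state, refuse all further input, and
        # report the failure so the caller closes the connection. Nothing
        # half-parsed is ever handed upward.
        self.closed = True
        self.buf.clear()
        raise ProtocolLimitExceeded(why)

    def feed(self, chunk):
        """Append bytes read from the socket and return the complete frames."""
        if self.closed:
            raise ProtocolLimitExceeded("connection already failed closed")
        self.buf += chunk
        frames = []
        while len(self.buf) >= HEADER.size:
            (length,) = HEADER.unpack_from(self.buf, 0)
            # Enforce the limit before the length is used for anything else,
            # so no allocation is ever sized by an unchecked peer value.
            if length > self.max_frame:
                self._fail(f"frame of {length} bytes exceeds {self.max_frame}")
            if len(self.buf) < HEADER.size + length:
                break          # wait for the rest; buffer stays <= header + max
            # Empty frames count too, so a stream of zero-length messages
            # still runs into the per-connection cap instead of spinning.
            if self.frames_seen >= self.max_frames:
                self._fail(f"more than {self.max_frames} frames on one connection")
            frames.append(bytes(self.buf[HEADER.size:HEADER.size + length]))
            del self.buf[:HEADER.size + length]
            self.frames_seen += 1
        return frames


if __name__ == "__main__":
    reader = FrameReader(max_frame=8)
    print(reader.feed(HEADER.pack(3) + b"abc"))
    try:
        reader.feed(HEADER.pack(1 << 30))
    except ProtocolLimitExceeded as exc:
        print("dropped:", exc)
```

The buffered bytes are bounded by construction: the loop only stops with an incomplete frame whose declared length has already passed the check, so the buffer never holds more than one header plus `max_frame` bytes of a pending frame beyond what the caller's own `recv` size allows.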
CAPEC-147: XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
CAPEC-227: Sustained Client Engagement
An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting requests that keep the resource engaged while appearing benign, the adversary limits or completely denies legitimate users access to the resource.
CAPEC-492: Regular Expression Exponential Blowup
An adversary may execute an attack on a program that uses a poor Regular Expression (Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation runs in exponential time relative to the input size. This is because most implementations execute the Regex as a backtracking Nondeterministic Finite Automaton (NFA) state machine; backtracking supports more expressive regular expressions, but it lets an ambiguous pattern retry the same input in exponentially many ways before it finally reports no match.
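To make the blowup concrete: the following added example, written for this page rather than taken from CAPEC or any project, models how a backtracking engine explores the nested quantifier in `^(a+)+$` against a string of `a`s followed by a character that cannot match. Every way of splitting the `a`s into non-empty groups is tried before failure, which is 2^n attempts for n `a`s. The pattern choice, the step-counting model and the length cap are illustrative assumptions; the real `re` engine takes a different constant number of steps per attempt, but the growth is the same.

```python
import re
import time

# Added example (not CAPEC text or any project's code). The patterns, the
# step-counting model and the length cap are assumptions for illustration.

EVIL = re.compile(r"^(a+)+$")   # nested quantifier: ambiguous, backtracks
SAFE = re.compile(r"a+")        # same language, exactly one way to match


def backtracking_attempts(s):
    """Count the match attempts a backtracking engine makes for ^(a+)+$ on s.

    Models the engine: each (a+) iteration greedily takes the longest run of
    'a', and on failure shortens it and retries, recursing for the next group.
    """
    attempts = 0

    def try_from(i):
        nonlocal attempts
        attempts += 1
        if i == len(s):
            return True                 # $ matched
        j = i
        while j < len(s) and s[j] == "a":
            j += 1
        if j == i:
            return False                # a+ needs at least one 'a'
        for end in range(j, i, -1):     # longest group first, then shorter
            if try_from(end):
                return True
        return False

    try_from(0)
    return attempts


def check_input(s, max_len=1024):
    """Defensive entry point: bound the input, then use the unambiguous pattern."""
    if len(s) > max_len:
        return "too-long"               # refused before any regex work is done
    return "match" if SAFE.fullmatch(s) else "no-match"


def evil_seconds(n):
    """Wall time for the vulnerable pattern on n 'a's plus a non-matching tail."""
    s = "a" * n + "!"
    t0 = time.perf_counter()
    EVIL.match(s)
    return time.perf_counter() - t0


if __name__ == "__main__":
    for n in (8, 12, 16, 20):
        print(n, backtracking_attempts("a" * n + "!"), f"{evil_seconds(n):.4f}s")
```

Two defences appear in `check_input`: rejecting oversize input before the engine runs, which bounds the exponent, and rewriting the pattern so there is only one way to match, which removes the exponent altogether. A successful match of the evil pattern is fast (two attempts in the model), which is why the problem usually goes unnoticed until an attacker supplies the non-matching tail.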