cvelistv5 - cve-2025-68131

CVE-2025-68131 (GCVE-0-2025-68131)

Vulnerability from cvelistv5 – Published: 2025-12-31 01:15 – Updated: 2025-12-31 01:15

Title

CBORDecoder reuse can leak shareable values across decode calls

Summary

cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries. Version 5.8.0 patches the issue.

Severity ?

5.5 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

CWE

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Assigner

GitHub_M

References

URL

Tags

	https://github.com/agronholm/cbor2/security/advis…	x_refsource_CONFIRM
	https://github.com/agronholm/cbor2/pull/268	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	agronholm	cbor2	Affected: >= 3.0.0, < 5.8.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "product": "cbor2",
          "vendor": "agronholm",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 5.8.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries. Version 5.8.0 patches the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-212",
              "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-31T01:15:36.827Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh"
        },
        {
          "name": "https://github.com/agronholm/cbor2/pull/268",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/agronholm/cbor2/pull/268"
        }
      ],
      "source": {
        "advisory": "GHSA-wcj4-jw5j-44wh",
        "discovery": "UNKNOWN"
      },
      "title": "CBORDecoder reuse can leak shareable values across decode calls"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-68131",
    "datePublished": "2025-12-31T01:15:36.827Z",
    "dateReserved": "2025-12-15T18:05:52.210Z",
    "dateUpdated": "2025-12-31T01:15:36.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-68131\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-12-31T02:15:42.527\",\"lastModified\":\"2025-12-31T20:42:15.637\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries. Version 5.8.0 patches the issue.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]}],\"references\":[{\"url\":\"https://github.com/agronholm/cbor2/pull/268\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh\",\"source\":\"security-advisories@github.com\"}]}}"
  }
}

GHSA-WCJ4-JW5J-44WH

Vulnerability from github – Published: 2025-12-31 22:01 – Updated: 2025-12-31 22:01

Summary

CBORDecoder reuse can leak shareable values across decode calls

Details

Summary

When a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries.

Details

The issue is in the decoder's handling of the shareables list, which stores values tagged with CBOR tag 28 (shareable) for later reference by tag 29 (sharedref).

When decode_from_bytes() is called or when .fp is set to a new stream, the shareables list is not cleared. This allows references to persist across separate decode operations.

The issue exists in both the C extension and the pure Python decoder.

In the C extension (source/decoder.c), the _CBORDecoder_set_fp function (line ~202) updates the file pointer but does not reset the shareables state:

  static int
  _CBORDecoder_set_fp(CBORDecoderObject *self, PyObject *value, void *closure)
  {
      // ... validation ...
      tmp = self->read;
      self->read = read;
      Py_DECREF(tmp);
      return 0;
      // Missing: PyList_Clear(self->shareables) or equivalent
  }

In the pure Python decoder (cbor2/_decoder.py), the fp setter similarly fails to clear self._shareables.

Similarly, decode_from_bytes() in both implementations saves and restores the read pointer but does not clear the shareables list between decodes.

The shareable/sharedref tags are defined in the CBOR value sharing extension (http://cbor.schmorp.de/value-sharing) with scope limited to a single CBOR data item, not across separate messages.

PoC

import cbor2
from io import BytesIO

# Message from trusted source containing a shareable value
msg1 = cbor2.dumps(cbor2.CBORTag(28, "secret"))

# Attacker-controlled message referencing index 0
msg2 = cbor2.dumps(cbor2.CBORTag(29, 0))

# Decoder reused across trust boundaries
decoder = cbor2.CBORDecoder(BytesIO(b''))
decoder.decode_from_bytes(msg1)
print(decoder.decode_from_bytes(msg2))  # prints "secret"

No special configuration required. Affects any application that reuses a CBORDecoder instance to decode messages from different sources.

Impact

Information disclosure. Applications that reuse a CBORDecoder across trust boundaries are vulnerable if the trusted messages use value sharing (tag 28) and an attacker can send messages containing shared references (tag 29). An attacker who can send a crafted CBOR message containing a sharedref tag can read values from previously decoded messages, potentially exposing sensitive data such as credentials, tokens, or private user data.

A similar issue in the encoder could produce invalid CBOR with dangling shared references:

import cbor2
from io import BytesIO

# Create encoder with value sharing enabled
encoder = cbor2.CBOREncoder(BytesIO(), value_sharing=True)

# Persistent object that will be encoded multiple times
shared_obj = ['hello']

# First encode: array containing shared_obj twice
encoder.encode([shared_obj, shared_obj])
print(f'First encode: {encoder.fp.getvalue().hex()}')
# Output: d81c82d81c816568656c6c6fd81d01

# Second encode: just shared_obj
encoder.fp = BytesIO()
encoder.encode(shared_obj)
result = encoder.fp.getvalue()
print(f'Second encode: {result.hex()}')
# Output: d81d01  (just a shared reference to index 1!)

# Try to decode the second result as standalone CBOR
decoder = cbor2.CBORDecoder(BytesIO(result))
decoded = decoder.decode()
# FAILS: shared reference 1 not found

While primarily a correctness bug, it could cause denial of service if invalid CBOR is transmitted to downstream systems that fail to parse it, or cause silent data corruption if the dangling reference happens to resolve to an unrelated value.

It can also be considered a memory leak in both the decoder and encoder as references are held that will never be released as long as the decoder/encoder remains alive.

Suggested resolution

Add dedicated boolean flags to track when an encode/decode operation is in progress. Reset shared state only when the flag is False (top-level call). This ensures state is reset for standalone calls while preserving shared references for nested calls from hooks (which need access to the registry for cyclic structures).

Decoder (_decoding flag): - decode(): set flag True, reset state, decode, set flag False - decode_from_bytes(): reset state only when flag is False

Encoder (_encoding flag): - encode(): set flag True, reset state, encode, set flag False - encode_to_bytes(): reset state only when flag is False

Severity ?

5.5 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "cbor2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "5.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-68131"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-212"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-31T22:01:38Z",
    "nvd_published_at": "2025-12-31T02:15:42Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nWhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries.\n\n### Details\nThe issue is in the decoder\u0027s handling of the shareables list, which stores values tagged with CBOR tag 28 (shareable) for later reference by tag 29 (sharedref).\n\nWhen decode_from_bytes() is called or when .fp is set to a new stream, the shareables list is not cleared. This allows references to persist across separate decode operations.\n\nThe issue exists in both the C extension and the pure Python decoder.\n\nIn the C extension (source/decoder.c), the _CBORDecoder_set_fp function (line ~202) updates the file pointer but does not reset the shareables state:\n\n```\n  static int\n  _CBORDecoder_set_fp(CBORDecoderObject *self, PyObject *value, void *closure)\n  {\n      // ... validation ...\n      tmp = self-\u003eread;\n      self-\u003eread = read;\n      Py_DECREF(tmp);\n      return 0;\n      // Missing: PyList_Clear(self-\u003eshareables) or equivalent\n  }\n```\n\nIn the pure Python decoder (cbor2/_decoder.py), the fp setter similarly fails to clear self._shareables.\n\nSimilarly, decode_from_bytes() in both implementations saves and restores the read pointer but does not clear the shareables list between decodes.\n\nThe shareable/sharedref tags are defined in the CBOR value sharing extension (http://cbor.schmorp.de/value-sharing) with scope limited to a single CBOR data item, not across separate messages.\n\n### PoC\n\n```\nimport cbor2\nfrom io import BytesIO\n\n# Message from trusted source containing a shareable value\nmsg1 = cbor2.dumps(cbor2.CBORTag(28, \"secret\"))\n\n# Attacker-controlled message referencing index 0\nmsg2 = cbor2.dumps(cbor2.CBORTag(29, 0))\n\n# Decoder reused across trust boundaries\ndecoder = cbor2.CBORDecoder(BytesIO(b\u0027\u0027))\ndecoder.decode_from_bytes(msg1)\nprint(decoder.decode_from_bytes(msg2))  # prints \"secret\"\n```\nNo special configuration required. Affects any application that reuses a CBORDecoder instance to decode messages from different sources.\n\n### Impact\nInformation disclosure. Applications that reuse a CBORDecoder across trust boundaries are vulnerable if the trusted messages use value sharing (tag 28) and an attacker can send messages containing shared references (tag 29). An attacker who can send a crafted CBOR message containing a sharedref tag can read values from previously decoded messages, potentially exposing sensitive data such as credentials, tokens, or private user data.\n\n### Related\nA similar issue in the encoder could produce invalid CBOR with dangling shared references:\n\n```\nimport cbor2\nfrom io import BytesIO\n\n# Create encoder with value sharing enabled\nencoder = cbor2.CBOREncoder(BytesIO(), value_sharing=True)\n\n# Persistent object that will be encoded multiple times\nshared_obj = [\u0027hello\u0027]\n\n# First encode: array containing shared_obj twice\nencoder.encode([shared_obj, shared_obj])\nprint(f\u0027First encode: {encoder.fp.getvalue().hex()}\u0027)\n# Output: d81c82d81c816568656c6c6fd81d01\n\n# Second encode: just shared_obj\nencoder.fp = BytesIO()\nencoder.encode(shared_obj)\nresult = encoder.fp.getvalue()\nprint(f\u0027Second encode: {result.hex()}\u0027)\n# Output: d81d01  (just a shared reference to index 1!)\n\n# Try to decode the second result as standalone CBOR\ndecoder = cbor2.CBORDecoder(BytesIO(result))\ndecoded = decoder.decode()\n# FAILS: shared reference 1 not found\n```\n\nWhile primarily a correctness bug, it could cause denial of service if invalid CBOR is transmitted to downstream systems that fail to parse it, or cause silent data corruption if the dangling reference happens to resolve to an unrelated value.\n\nIt can also be considered a memory leak in both the decoder and encoder as references are held that will never be released as long as the decoder/encoder remains alive.\n\n### Suggested resolution\n\nAdd dedicated boolean flags to track when an encode/decode operation is in progress. Reset shared state only when the flag is False (top-level call). This ensures state is reset for standalone calls while preserving shared references for nested calls from hooks (which need access to the registry for cyclic structures).\n\nDecoder (_decoding flag):\n - decode(): set flag True, reset state, decode, set flag False\n - decode_from_bytes(): reset state only when flag is False\n\nEncoder (_encoding flag):\n - encode(): set flag True, reset state, encode, set flag False\n - encode_to_bytes(): reset state only when flag is False",
  "id": "GHSA-wcj4-jw5j-44wh",
  "modified": "2025-12-31T22:01:38Z",
  "published": "2025-12-31T22:01:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68131"
    },
    {
      "type": "WEB",
      "url": "https://github.com/agronholm/cbor2/pull/268"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/agronholm/cbor2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "CBORDecoder reuse can leak shareable values across decode calls"
}

FKIE_CVE-2025-68131

Vulnerability from fkie_nvd - Published: 2025-12-31 02:15 - Updated: 2025-12-31 20:42

Severity ?

5.5 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/agronholm/cbor2/pull/268
	security-advisories@github.com	https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries. Version 5.8.0 patches the issue."
    }
  ],
  "id": "CVE-2025-68131",
  "lastModified": "2025-12-31T20:42:15.637",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-31T02:15:42.527",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/agronholm/cbor2/pull/268"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-212"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-68131 (GCVE-0-2025-68131)

GHSA-WCJ4-JW5J-44WH

Summary

Details

PoC

Impact

Related

Suggested resolution

FKIE_CVE-2025-68131

Tags

Sightings

Nomenclature