GCVE-1-2025-0012
Vulnerability from gna-1
Published
2025-11-04 07:20
Modified
2025-11-04 07:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Potential vulnerability in file check upload but this vulnerability is non-exploitable as the code is never executed. This vulnerability information is kept for archiving.
References
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "misp",
"vendor": "misp",
"versions": [
{
"lessThan": "2.5.24",
"status": "affected"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Andras Iklody"
},
{
"lang": "en",
"type": "finder",
"value": "Raphael Lob from NATO Cyber Security Center"
},
{
"lang": "en",
"type": "coordinator",
"value": "Alexandre Dulaunoy"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003ePotential vulnerability in file check upload but this vulnerability is non-exploitable as the code is never executed. This vulnerability information is kept for archiving.\u0026nbsp;\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Potential vulnerability in file check upload but this vulnerability is non-exploitable as the code is never executed. This vulnerability information is kept for archiving."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html"
}
]
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en"
}
]
}
],
"metrics": [
{
"other": {
"type": "Evaluation not possible due to dead-code"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en"
}
]
}
],
"providerMetadata": {
"orgId": "00000000-0000-4000-9000-000000000000"
},
"references": [
{
"url": "https://github.com/misp/misp/commit/ed3fa4b4c7a16648d2b102f58b81c735a99e8986"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerability in file check upload but non-exploitable",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "00000000-0000-4000-9000-000000000000",
"datePublished": "2025-11-04T07:20:07.378032Z",
"dateUpdated": "2025-11-04T07:20:07.378032Z",
"requesterUserId": "00000000-0000-4000-9000-000000000000",
"serial": 1,
"state": "PUBLISHED",
"vulnId": "GCVE-1-2025-0012",
"vulnerabilitylookup_history": [
[
"alexandre.dulaunoy@circl.lu",
"2025-11-04T07:20:07.378032Z"
]
]
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…