Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/09 1:19 p.m.10 views

CVE-2025-25069

A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained...

7.4CVSS6.3AI score0.02147EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 1:15 p.m.17 views

CVE-2025-25069

A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained...

6.5CVSS0.00777EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/07 12:46 p.m.18 views

CVE-2025-25069 Apache Kvrocks: Cross-Protocol Scripting Vulnerability

A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained...

6.8AI score0.00777EPSS
Exploits0References2
CVE
CVE
added 2025/02/07 12:46 p.m.81 views

CVE-2025-25069

The CVE-2025-25069 entry describes a Cross-Protocol Scripting vulnerability in Apache Kvrocks, where Kvrocks does not detect Host: or POST in RESP requests, allowing an HTTP request to be interpreted as a RESP request and potentially trigger dangerous database operations, especially when chained ...

6.5CVSS6.8AI score0.00777EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/07 12:46 p.m.4 views

CVE-2025-25069 Apache Kvrocks: Cross-Protocol Scripting Vulnerability

A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained...

6.5CVSS7AI score0.02147EPSS
Exploits0References4
Rows per page
Query Builder