Lucene search
+L

9 matches found

opensuse
opensuse
added 2026/06/05 12:0 a.m.5 views

grafana-11.6.14+security01-4.1 on GA media (moderate)

grafana-11.6.14+security01-4.1 on GA media Announcement ID: openSUSE-SU-2026:10922-1 Rating: moderate Cross-References: CVE-2025-30153 CVSS scores: CVE-2025-30153 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability...

7.5CVSS6.2AI score0.00497EPSS
Exploits0
opensuse
opensuse
added 2026/05/11 12:0 a.m.12 views

mcphost-0.34.0-1.1 on GA media (moderate)

mcphost-0.34.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10731-1 Rating: moderate Cross-References: CVE-2025-30153 CVE-2026-32285 CVE-2026-33186 CVSS scores: CVE-2025-30153 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-32285 SUSE : 5.5...

8.6CVSS5.8AI score0.01557EPSS
Exploits2
wolfi
wolfi
added 2025/05/16 1:45 p.m.19 views

CVE-2025-30153 vulnerabilities

Vulnerabilities for packages: timoni, nuclei, gptscript, dataplaneapi...

7.5CVSS6.5AI score0.00497EPSS
Exploits0
cgr
cgr
added 2025/05/16 1:22 p.m.34 views

CVE-2025-30153 vulnerabilities

Vulnerabilities for packages: dataplaneapi-fips, dataplaneapi, timoni, nuclei, gptscript...

7.5CVSS6.5AI score0.00497EPSS
Exploits0
nvd
nvd
added 2025/03/19 4:15 p.m.49 views

CVE-2025-30153

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS0.00497EPSS
Exploits0References5
osv
osv
added 2025/03/19 4:3 p.m.13 views

CVE-2025-30153 Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS5.5AI score0.00497EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2025/03/19 4:3 p.m.8 views

CVE-2025-30153 Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS7.4AI score0.00497EPSS
Exploits0References5
cve
cve
added 2025/03/19 4:3 p.m.216 views

CVE-2025-30153

CVE-2025-30153 affects kin-openapi (Go) prior to 0.131.0. The issue occurs when validating a request with a multipart/form-data schema: if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb) that causes the server to exhaust memory. The root cause is the Zip...

7.5CVSS7.4AI score0.00497EPSS
Exploits0References5
cvelist
cvelist
added 2025/03/19 4:3 p.m.61 views

CVE-2025-30153 Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS0.00497EPSS
Exploits0References5
Rows per page
Query Builder