Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2025/03/29 3:3 a.m.2 views

SUSE CVE-2025-30153

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS7AI score0.00497EPSS
Exploits0References6
CVE
CVE
added 2025/03/19 4:3 p.m.210 views

CVE-2025-30153

CVE-2025-30153 affects kin-openapi (Go) prior to 0.131.0. The issue occurs when validating a request with a multipart/form-data schema: if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb) that causes the server to exhaust memory. The root cause is the Zip...

7.5CVSS7.4AI score0.00497EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.2 views

kin-openapi 安全漏洞

kin-openapi is a getkin open source implementation of OpenAPI 3.0 for Go parsing, transforming, validating, etc.. A security vulnerability exists in kin-openapi versions prior to 0.131.0, which stems from a potential memory exhaustion when processing multipart/form-data requests...

7.5CVSS5.5AI score0.00497EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.6 views

PT-2025-11700

Name of the Vulnerable Software and Affected Versions kin-openapi versions prior to 0.131.0 Description The issue arises when validating a request with a multipart/form-data schema. If the OpenAPI schema allows it, an attacker can upload a crafted ZIP file, such as a ZIP bomb, causing the server ...

7.5CVSS6.4AI score0.00497EPSS
Exploits0References146
Rows per page
Query Builder