Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-pqqp-7cp8-vxvf

Опубликовано: 21 мая 2025
Источник: github
Github: Прошло ревью
CVSS4: 2.3
CVSS3: 3.1

Описание

Ackites KillWxapkg Zip Bomb Resource Exhaustion

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Ссылки

Пакеты

Наименование

github.com/Ackites/KillWxapkg

go
Затронутые версииВерсия исправления

<= 2.4.1

Отсутствует

EPSS

Процентиль: 22%
0.00073
Низкий

2.3 Low

CVSS4

3.1 Low

CVSS3

CVE ID

CVE-2025-5031

Дефекты

CWE-400

Связанные уязвимости

nvd логотип

CVE-2025-5031

CVSS3: 3.1
nvd
9 месяцев назад

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 22%
0.00073
Низкий

2.3 Low

CVSS4

3.1 Low

CVSS3

CVE ID

CVE-2025-5031

Дефекты

CWE-400