Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-1695

Опубликовано: 04 мар. 2025
Источник: nvd
CVSS3: 5.3
EPSS Низкий

Описание

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service (DoS).  There is no control plane exposure; this is a data plane issue only.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:f5:nginx_unit:*:*:*:*:*:*:*:*
Версия от 1.29.1 (включая) до 1.34.2 (исключая)

EPSS

Процентиль: 16%
0.00053
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-835
CWE-835

Связанные уязвимости

github логотип

GHSA-7w3m-9pfq-8m82

CVSS3: 5.3
github
11 месяцев назад

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service (DoS).  There is no control plane exposure; this is a data plane issue only.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

fstec логотип

BDU:2025-10617

CVSS3: 5.3
fstec
11 месяцев назад

Уязвимость модуля Java Language сервера приложений Nginx Unit, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 16%
0.00053
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-835
CWE-835