exploitDog

CVE-2025-25013

Опубликовано: 08 апр. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.

Ссылки

https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921

EPSS

Процентиль: 25%

0.00084

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-532

Связанные уязвимости

GHSA-p999-j4hq-pmj3

CVSS3: 6.5

github

10 месяцев назад

Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.

EPSS

Процентиль: 25%

0.00084

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-532