CVE-2025-53964

Опубликовано: 17 июл. 2025

Источник: nvd

CVSS3: 9.6

EPSS Низкий

Описание

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary.

Ссылки

https://github.com/goldendict/goldendict/releases
Release Notes
https://github.com/tigr78/CVE-2025-53964
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:goldendict:goldendict:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:goldendict:goldendict:1.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00065

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-749

Связанные уязвимости

CVE-2025-53964

CVSS3: 9.6

ubuntu

7 месяцев назад

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary.

CVE-2025-53964

CVSS3: 9.6

debian

7 месяцев назад

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows ...

GHSA-xfp5-23mr-jwjm

CVSS3: 9.6

github

7 месяцев назад

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary.

EPSS

Процентиль: 20%

0.00065

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-749