Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-6375

Опубликовано: 21 июн. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 1.7
CVSS3: 3.3

Описание

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

jammy

needs-triage

noble

needs-triage

oracular

ignored

end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 2%
0.00014
Низкий

1.7 Low

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-6375

CVSS3: 3.3
nvd
2 месяца назад

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.

debian логотип

CVE-2025-6375

CVSS3: 3.3
debian
2 месяца назад

A vulnerability was found in poco up to 1.14.1. It has been rated as p ...

github логотип

GHSA-xwcq-qmxg-r8f4

CVSS3: 3.3
github
около 2 месяцев назад

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.

EPSS

Процентиль: 2%
0.00014
Низкий

1.7 Low

CVSS2

3.3 Low

CVSS3