216.73.216.170

CVE-2025-2961

· Published 30/03/2025 22:15 · Modified 30/03/2025 22:15

Labels: CVE-2025-2961 2025-03-30CVE-2025-2961CWE-23[email protected]

Essential information

Published
30/03/2025 22:15
Modified
30/03/2025 22:15
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function render_mav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
noear / opensolon cpe:2.3:a:noear:opensolon:*:*:*:*:*:*:*:*

References