216.73.216.170

CVE-2025-12829

· Published 07/11/2025 18:15 · Modified 12/11/2025 16:20

Labels: CVE-2025-12829 2025-11-07CVE-2025-12829CWE-125ff89ba41-3aa1-4d27-914a-91399e9639e5

Essential information

Published
07/11/2025 18:15
Modified
12/11/2025 16:20
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An uninitialized stack read issue exists in Amazon Ion-C versions <v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version v1.1.4.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
ff89ba41-3aa1-4d27-914a-91399e9639e5
NVD
View on NVD

References