What the vulnerability does
01Description
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver.
CVSS base score
7.1/10
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Key dates
02Disclosure timeline
June 10, 2025
CVE published
June 10, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-41336 Prevent injection of invalid entity ids for "autocomplete" fields in symfony ux-autocomplete
CVE-2019-1711 Cisco IOS XR gRPC Software Denial of Service Vulnerability
CVE-2022-22247 Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
CVE-2023-5275
CVE-2024-2425 Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527
