CVE-2025-2529
LOWDescription
Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from (malicious) external parties in an unfiltered/unsalted way.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | terracotta |
| ibm | terracotta |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-2529? +
How severe is CVE-2025-2529? +
What products are affected by CVE-2025-2529? +
How do I check if I'm vulnerable to CVE-2025-2529? +
Related Vulnerabilities
Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed …
Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in …
An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved …
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does …
Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where …
Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of …