CVE-2025-0695

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 27, 2025

CWE ID 770

Summary

CVE-2025-0695 is a vulnerability affecting Cesanta Frozen versions below 1.7. This issue involves an Allocation of Resources Without Limits or Throttling flaw. An attacker can exploit this vulnerability by supplying a specially crafted JSON input. The result is a crash of the component that embeds the library, leading to potential security risks. Malicious actors can take advantage of this flaw to cause denial-of-service attacks or gain unauthorized access to systems, making it critical for users to update their software as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Frozen
Cesanta Frozen

Affected Vendors

Cesanta Software Limited

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2v-ZyS
https://www.cve.org/CVERecord?id=CVE-2025-0695
https://nvd.nist.gov/vuln/detail/CVE-2025-0695

Back to Vulnerability Database