CVE-2025-0782

{"id": "CVE-2025-0782", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 3.9}]}, "published": "2025-05-02T21:15:23.550", "references": [{"url": "https://github.com/h2oai/h2o-3/commit/6740655b70cef40ec67d952bee2d23f7d33c7419", "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151", "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability could lead to remote code execution (RCE) on any user who uses the application. Additionally, an attacker could modify the documentation to include malicious download links."}, {"lang": "es", "value": "Una vulnerabilidad en la configuraci\u00f3n del bucket S3 para h2oai/h2o-3 permite acceso p\u00fablico de escritura al bucket \"h2o-release\". Este problema afecta a todas las versiones y podr\u00eda permitir a un atacante sobrescribir cualquier archivo del bucket. Al descargar archivos binarios, como JAR, desde este bucket, esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) en cualquier usuario que utilice la aplicaci\u00f3n. Adem\u00e1s, un atacante podr\u00eda modificar la documentaci\u00f3n para incluir enlaces de descarga maliciosos."}], "lastModified": "2025-05-06T15:16:00.720", "sourceIdentifier": "security@huntr.dev"}