CVE-2025-25586

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-25586
yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.

4.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://gitee.com/r1bbit/yimioa/issues/IBI7LR
Configurations

No configuration.

History

19 Mar 2025, 19:15

Type Values Removed Values Added
Summary
  • (es) Se descubrió que yimioa anterior a v2024.07.04 contenía una vulnerabilidad de divulgación de información a través del componente /resources/application.yml.
CWE CWE-538
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.2

18 Mar 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-18 16:15

Updated : 2025-03-19 19:15

NVD link : CVE-2025-25586

Mitre link : CVE-2025-25586

CVE.ORG link : CVE-2025-25586

JSON object : View

Products Affected

No product.

CWE
CWE-538

Insertion of Sensitive Information into Externally-Accessible File or Directory