{"vulnerability": "CVE-2025-3015", "sightings": [{"uuid": "f1881dc6-d8c1-4a72-97fd-8977d7e6d59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3646904", "content": "", "creation_timestamp": "2025-03-24T19:31:05.928285Z"}, {"uuid": "b33afcef-5e1a-4c43-b287-101795343d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ll5kcsjbw225", "content": "", "creation_timestamp": "2025-03-24T20:01:24.683400Z"}, {"uuid": "f032cde7-6574-46c5-9bf9-62acc8494375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-24T21:10:02.000000Z"}, {"uuid": "ebc87407-de04-444d-9c86-bdabf84f8ffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ll5kerdf2c25", "content": "", "creation_timestamp": "2025-03-24T20:02:31.490919Z"}, {"uuid": "a828967b-c957-4ed8-b858-af8c9528ba41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ll7ezcxv3c2f", "content": "", "creation_timestamp": "2025-03-25T13:31:56.929295Z"}, {"uuid": "bb1c05c0-ea8c-4a5e-8f51-641ed8c8e06f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-25T08:06:32.000000Z"}, {"uuid": "10c58791-9149-43b7-9de6-b9c6435d7110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/arxivofourminds.bsky.social/post/3ll7gxxty722j", "content": "", "creation_timestamp": "2025-03-25T14:06:59.759984Z"}, {"uuid": "7ca6da8a-fdbe-42ca-a9ea-79e8d8a1db6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30153", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtnbqezn2h", "content": "", "creation_timestamp": "2025-03-19T18:43:45.116430Z"}, {"uuid": "c364c7d3-4f5e-403a-8e3d-aa87e6a244f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ll5rjrbiyt22", "content": "", "creation_timestamp": "2025-03-24T22:10:33.763746Z"}, {"uuid": "2fcfcaa9-bb41-470c-bdb4-a73b889a070e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "MISP/0d58ff39-a69c-40e6-a9cc-80eb494aa646", "content": "", "creation_timestamp": "2025-03-22T22:33:21.000000Z"}, {"uuid": "02bdd78c-f136-42dd-80a0-2a2db90e2c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "MISP/0d58ff39-a69c-40e6-a9cc-80eb494aa646", "content": "", "creation_timestamp": "2025-03-21T07:32:37.000000Z"}, {"uuid": "73e0607d-ac6e-4b85-a00f-b042cbc6a92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3llcgnq4rwa26", "content": "", "creation_timestamp": "2025-03-26T18:39:14.277505Z"}, {"uuid": "2fb5a934-2f3a-4451-bd63-ad1fbe2d5260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ll6ovlth6l2h", "content": "", "creation_timestamp": "2025-03-25T07:01:46.232458Z"}, {"uuid": "4121b7ac-8a54-422a-8620-3c7532ff35ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ll6ovqv4z32h", "content": "", "creation_timestamp": "2025-03-25T07:01:46.779634Z"}, {"uuid": "1eaffbc5-0650-4221-8dc8-4934c1d813c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ll6ovqv4z42h", "content": "", "creation_timestamp": "2025-03-25T07:01:47.330987Z"}, {"uuid": "463fcd7a-1421-4e78-bf70-aea85899ead3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114189869676629359", "content": "", "creation_timestamp": "2025-03-19T15:45:35.384465Z"}, {"uuid": "69c1f61a-d370-4057-a3f9-ecc7f8e8c512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30152", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtncep242x", "content": "", "creation_timestamp": "2025-03-19T18:43:48.911186Z"}, {"uuid": "7206f099-0eb7-4b86-9b46-625801b1c2dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtncqwy62m", "content": "", "creation_timestamp": "2025-03-19T18:43:50.834954Z"}, {"uuid": "3b7d3b52-539c-446d-abfe-e7eec46c5665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3015", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116074257599879470", "content": "", "creation_timestamp": "2026-02-15T10:50:12.924352Z"}, {"uuid": "a16e963d-c1cc-445b-b73e-5790e75d80e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114190588285266939", "content": "", "creation_timestamp": "2025-03-19T18:48:41.600242Z"}, {"uuid": "83e05af4-5d6d-44a1-b30d-1dab7e97315c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lla66arlpu2p", "content": "", "creation_timestamp": "2025-03-25T21:02:06.037404Z"}, {"uuid": "5ed77102-cd65-4776-b288-53c5039dd096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3ll5eezfipl2s", "content": "", "creation_timestamp": "2025-03-24T18:15:15.786735Z"}, {"uuid": "5e43e451-bfd6-4cd3-b6a4-4f1c2f6eeff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llkhomli3c2b", "content": "", "creation_timestamp": "2025-03-29T23:18:58.743150Z"}, {"uuid": "6d8db381-a932-4856-8e9c-a9c7611dd288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30151", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygenbt724", "content": "", "creation_timestamp": "2025-04-08T17:22:28.035030Z"}, {"uuid": "abf18cca-35b8-49eb-bc08-6acc0b95d281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30150", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygffhzi2f", "content": "", "creation_timestamp": "2025-04-08T17:22:32.300004Z"}, {"uuid": "47d8cd66-fdbb-4c66-8813-c6fe247c6108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln42fpgtpb2l", "content": "", "creation_timestamp": "2025-04-18T16:34:26.144342Z"}, {"uuid": "2daa7a05-6867-43b7-ac6c-5a787234b506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://bsky.app/profile/Minecraft.activitypub.awakari.com.ap.brid.gy/post/3ln45d4eikwm2", "content": "", "creation_timestamp": "2025-04-18T17:27:57.676674Z"}, {"uuid": "8b614ac8-8aa8-4105-a012-ee6ebc491a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30159", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2vipct46k2", "content": "", "creation_timestamp": "2025-05-13T16:31:03.340186Z"}, {"uuid": "7d8464c0-98dc-4fe8-8776-cfe9f6bb9853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "a835ea02-8082-4051-a9cb-7171be94243e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30157", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:49.000000Z"}, {"uuid": "36a727c7-aa50-47da-abcd-47ccfe69f23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30153", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8080", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30153\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available system memory. The root cause comes from the ZipFileBodyDecoder, which is registered automatically by the module (contrary to what the documentation says). This vulnerability is fixed in 0.131.0.\n\ud83d\udccf Published: 2025-03-19T16:03:26.947Z\n\ud83d\udccf Modified: 2025-03-19T16:03:26.947Z\n\ud83d\udd17 References:\n1. https://github.com/getkin/kin-openapi/security/advisories/GHSA-wq9g-9vfc-cfq9\n2. https://github.com/getkin/kin-openapi/commit/67f0b233ffc01332f7d993f79490fbea5f4455f1\n3. https://github.com/getkin/kin-openapi/blob/6da871e0e170b7637eb568c265c08bc2b5d6e7a3/openapi3filter/req_resp_decoder.go#L1275\n4. https://github.com/getkin/kin-openapi/blob/6da871e0e170b7637eb568c265c08bc2b5d6e7a3/openapi3filter/req_resp_decoder.go#L1523\n5. https://github.com/getkin/kin-openapi?tab=readme-ov-file#custom-content-type-for-body-of-http-requestresponse", "creation_timestamp": "2025-03-19T16:17:59.000000Z"}, {"uuid": "05be37c3-1f36-4e0e-af2d-f2b6cf757866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-30154", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/df851e15-cb9f-4fbd-b211-a2c1b3be7c44", "content": "", "creation_timestamp": "2026-02-02T12:26:04.967622Z"}, {"uuid": "d8021aa8-39c4-4f44-9404-fdfafeae9dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30152", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8086", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30152\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: The Syliud PayPal Plugin is the Sylius Core Team\u2019s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the cart contents before finalizing the order. As a result, the order amount in Sylius may be higher than the amount actually captured by PayPal, leading to a scenario where merchants deliver products or services without full payment. The issue is fixed in versions: 1.6.2, 1.7.2, 2.0.2 and above.\n\ud83d\udccf Published: 2025-03-19T15:57:32.445Z\n\ud83d\udccf Modified: 2025-03-19T15:57:32.445Z\n\ud83d\udd17 References:\n1. https://github.com/Sylius/PayPalPlugin/security/advisories/GHSA-hxg4-65p5-9w37\n2. https://github.com/Sylius/PayPalPlugin/commit/5613df827a6d4fc50862229295976200a68e97aa", "creation_timestamp": "2025-03-19T16:18:08.000000Z"}, {"uuid": "220f87d2-ebc0-49e9-a7e8-95cd68aa6ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8098", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30154\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.\n\ud83d\udccf Published: 2025-03-19T15:15:29.113Z\n\ud83d\udccf Modified: 2025-03-19T16:21:02.390Z\n\ud83d\udd17 References:\n1. https://github.com/reviewdog/reviewdog/security/advisories/GHSA-qmg3-hpqr-gqvc\n2. https://github.com/reviewdog/reviewdog/issues/2079\n3. https://github.com/reviewdog/action-setup/commit/3f401fe1d58fe77e10d665ab713057375e39b887\n4. https://github.com/reviewdog/action-setup/commit/f0d342d24037bb11d26b9bd8496e0808ba32e9ec\n5. https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup", "creation_timestamp": "2025-03-19T17:21:01.000000Z"}, {"uuid": "8eb5b6a4-f9f3-4932-9d18-9bf015f6bb1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30157", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30157\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket handshake will trigger a local reply leading to the crash of Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.\n\ud83d\udccf Published: 2025-03-21T14:49:18.113Z\n\ud83d\udccf Modified: 2025-03-21T15:15:11.034Z\n\ud83d\udd17 References:\n1. https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9\n2. https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c", "creation_timestamp": "2025-03-21T15:19:25.000000Z"}, {"uuid": "cb4eeb4e-cdc9-4233-a084-03a3f3bbfb9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8569", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30154\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.\n\ud83d\udccf Published: 2025-03-19T15:15:29.113Z\n\ud83d\udccf Modified: 2025-03-24T22:20:22.752Z\n\ud83d\udd17 References:\n1. https://github.com/reviewdog/reviewdog/security/advisories/GHSA-qmg3-hpqr-gqvc\n2. https://github.com/reviewdog/reviewdog/issues/2079\n3. https://github.com/reviewdog/action-setup/commit/3f401fe1d58fe77e10d665ab713057375e39b887\n4. https://github.com/reviewdog/action-setup/commit/f0d342d24037bb11d26b9bd8496e0808ba32e9ec\n5. https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup", "creation_timestamp": "2025-03-24T23:23:29.000000Z"}, {"uuid": "3281cf30-d1b0-43d9-a851-a2f908189863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://t.me/cvedetector/23318", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30158 - NamelessMC DoS Frame Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30158 \nPublished : April 18, 2025, 4:15 p.m. | 26\u00a0minutes ago \nDescription : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-18T19:05:00.000000Z"}, {"uuid": "1b061e85-9451-4cdd-972c-165f97f0ff1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30155", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9740", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30155\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not enforce read permissions on parent trackers in the REST API. This vulnerability is fixed in Tuleap Community Edition 16.5.99.1742392651 and Tuleap Enterprise Edition 16.5-5 and 16.4-8.\n\ud83d\udccf Published: 2025-03-31T15:58:30.058Z\n\ud83d\udccf Modified: 2025-03-31T18:18:13.265Z\n\ud83d\udd17 References:\n1. https://github.com/Enalean/tuleap/security/advisories/GHSA-6hr4-h6px-7ppg\n2. https://github.com/Enalean/tuleap/commit/0921df3a1c1aa20fc359b373f001a77c43b1b726\n3. https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0921df3a1c1aa20fc359b373f001a77c43b1b726\n4. https://tuleap.net/plugins/tracker/?aid=42237", "creation_timestamp": "2025-03-31T18:32:21.000000Z"}, {"uuid": "67163991-c9c2-4c92-b60f-c801b944b271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3015", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9766", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3015\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0 is able to address this issue. The patch is named 7c705fde418d68cca4e8eff56be01b2617b0d6fe. It is recommended to apply a patch to fix this issue.\n\ud83d\udccf Published: 2025-03-31T20:31:06.477Z\n\ud83d\udccf Modified: 2025-03-31T21:21:09.096Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302067\n2. https://vuldb.com/?ctiid.302067\n3. https://vuldb.com/?submit.524589\n4. https://github.com/assimp/assimp/issues/6021\n5. https://github.com/assimp/assimp/pull/6045\n6. https://github.com/assimp/assimp/issues/6021#issue-2877378829\n7. https://github.com/assimp/assimp/commit/7c705fde418d68cca4e8eff56be01b2617b0d6fe", "creation_timestamp": "2025-03-31T21:31:30.000000Z"}, {"uuid": "b6148ab3-a823-4f96-9d50-0aebcd39d7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30158\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H)\n\ud83d\udd39 Description: NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0.\n\ud83d\udccf Published: 2025-04-18T15:50:49.309Z\n\ud83d\udccf Modified: 2025-04-18T15:50:49.309Z\n\ud83d\udd17 References:\n1. https://github.com/NamelessMC/Nameless/security/advisories/GHSA-2prx-rgr7-hq5f\n2. https://github.com/NamelessMC/Nameless/commit/caa42a975338a13fbc1658e8c440108f16135643\n3. https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", "creation_timestamp": "2025-04-18T15:58:46.000000Z"}, {"uuid": "8cdb0af1-1ad6-491e-9e6d-8f62718779e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30159", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16147", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30159\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as a snippet name that depends on request or user data). Sites that only use fixed calls to the `snippet()` helper/`$kirby->snippet()` method (i.e. calls with a simple string for the snippet name) are *not* affected. A missing path traversal check allowed attackers to navigate and access all files on the server that were accessible to the PHP process, including files outside of the snippets root or even outside of the Kirby installation. PHP code within such files was executed. Such attacks first require an attack vector in the site code that is caused by dynamic snippet names, such as `snippet('tags-' . get('tags'))`. It generally also requires knowledge of the site structure and the server's file system by the attacker, although it can be possible to find vulnerable setups through automated methods such as fuzzing. In a vulnerable setup, this could cause damage to the confidentiality and integrity of the server. The problem has been patched in Kirby 3.9.8.3, Kirby 3.10.1.2, and Kirby 4.7.1. In all of the mentioned releases, Kirby maintainers have added a check for the snippet path that ensures that the resulting path is contained within the configured snippets root. Snippet paths that point outside of the snippets root will not be loaded.\n\ud83d\udccf Published: 2025-05-13T15:07:02.920Z\n\ud83d\udccf Modified: 2025-05-13T15:07:02.920Z\n\ud83d\udd17 References:\n1. https://github.com/getkirby/kirby/security/advisories/GHSA-fw82-87p8-v6hp\n2. https://github.com/getkirby/kirby/releases/tag/3.10.1.2\n3. https://github.com/getkirby/kirby/releases/tag/3.9.8.3\n4. https://github.com/getkirby/kirby/releases/tag/4.7.1", "creation_timestamp": "2025-05-13T15:31:21.000000Z"}, {"uuid": "cda1f0a0-3ff0-4a9b-a176-f608823ca43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30151", "type": "seen", "source": "https://t.me/cvedetector/22461", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30151 - Shopware Password Denial Of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30151 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:10:52.000000Z"}, {"uuid": "930dd450-f698-41f3-ac1d-49d2e3e67920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30150", "type": "seen", "source": "https://t.me/cvedetector/22460", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30150 - Shopware E-Mail Account Enumeration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30150 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates clearly that there is no account for this customer. In contrast you get a success response if the account was found. This vulnerability is fixed in Shopware 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:10:51.000000Z"}, {"uuid": "e1452bed-8f6b-4d3b-bb7f-7d3fe1e8d935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "https://t.me/cvedetector/20645", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30154 - \"Reviewdog Action Setup Secret Disclosure Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-30154 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:21.000000Z"}, {"uuid": "a3c3b901-3172-428c-8106-9c48e4f5649d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30155", "type": "seen", "source": "https://t.me/cvedetector/21616", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30155 - Tuleap Unrestricted Parent Tracker Access\", \n  \"Content\": \"CVE ID : CVE-2025-30155 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not enforce read permissions on parent trackers in the REST API. This vulnerability is fixed in Tuleap Community Edition 16.5.99.1742392651 and Tuleap Enterprise Edition 16.5-5 and 16.4-8. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:23.000000Z"}, {"uuid": "fa73a506-5d6b-493c-9067-8a9a4a45e84f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30157", "type": "seen", "source": "https://t.me/cvedetector/20819", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30157 - Envoy HTTP Filter Crash Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30157 \nPublished : March 21, 2025, 3:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket handshake will trigger a local reply leading to the crash of Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-21T18:29:08.000000Z"}, {"uuid": "c80c725c-467d-4232-b836-1d69643e77c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30153", "type": "seen", "source": "https://t.me/cvedetector/20644", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30153 - Kin-OpenAPI Multipart Form Data ZIP Bomb Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30153 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available system memory. The root cause comes from the ZipFileBodyDecoder, which is registered automatically by the module (contrary to what the documentation says). This vulnerability is fixed in 0.131.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:17.000000Z"}, {"uuid": "7ae11f7a-504a-4762-84a2-2d87ec3ff877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30152", "type": "seen", "source": "https://t.me/cvedetector/20643", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30152 - Sylius PayPal Plugin Cart Manipulation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30152 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : The Syliud PayPal Plugin is the Sylius Core Team\u2019s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the cart contents before finalizing the order. As a result, the order amount in Sylius may be higher than the amount actually captured by PayPal, leading to a scenario where merchants deliver products or services without full payment. The issue is fixed in versions: 1.6.2, 1.7.2, 2.0.2 and above. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:16.000000Z"}, {"uuid": "3c34c82a-f092-4db7-a463-0f1dc167f8c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30153", "type": "published-proof-of-concept", "source": "Telegram/5NPz2sx_xB9j3hzmo-oIJEJq6Lsm0ce4bHKBo0XPqbJTGio", "content": "", "creation_timestamp": "2025-03-19T17:30:32.000000Z"}, {"uuid": "639eae33-a6cf-427b-be90-84275ebe6bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "published-proof-of-concept", "source": "Telegram/7jNmJD5vjZVenNUqyYR0CPI9qktay_Z3-idVdIxY76S8ayI", "content": "", "creation_timestamp": "2025-04-18T18:31:46.000000Z"}, {"uuid": "88db5d9c-30a1-4bc5-8cf8-d24d5dac9dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "seen", "source": "Telegram/1nxUJd1r2Vl_i3BcLbYFmcRkQRAx1kOCE3f---QAF-WqkIU", "content": "", "creation_timestamp": "2025-03-19T16:30:54.000000Z"}, {"uuid": "3499b66a-a447-4963-8540-c1b013dcccd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30154", "type": "exploited", "source": "https://t.me/thehackernews/6538", "content": "\ud83d\udea8 Coinbase dodged a bullet\u2014but 218 repos weren\u2019t so lucky.\n\nA GitHub supply chain attack hijacked tj-actions/changed-files, leaking secrets from 200+ projects.\n\n\ud83d\udd0d CVE-2025-30066 + CVE-2025-30154 | CVSS 8.6\n\ud83c\udfaf Targets: DockerHub, npm, AWS creds\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Tactics: Fork PRs, dangling commits, burner GitHub accounts\n\nThis isn\u2019t just a glitch. It\u2019s a playbook for future CI/CD attacks.\n\nWhy it matters now? Thousands still trust infected actions. The exploit may be gone\u2014but the method isn\u2019t.\n\n\ud83d\udd17 Dig deeper before your next push: https://thehackernews.com/2025/03/github-supply-chain-breach-coinbase.html", "creation_timestamp": "2025-03-23T06:33:21.000000Z"}]}