{"vulnerability": "CVE-2025-3017", "sightings": [{"uuid": "6688f436-07f8-470b-b612-4459ba9635ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30171", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lprw77lwle27", "content": "", "creation_timestamp": "2025-05-22T20:08:09.624678Z"}, {"uuid": "5f66efd7-1e63-4ca9-b99d-46f1abfac1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30179", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkvcp4qzu22s", "content": "", "creation_timestamp": "2025-03-21T13:23:50.030929Z"}, {"uuid": "6b77e846-1813-418e-95b4-516f61fef742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30173", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpruvw3skg2r", "content": "", "creation_timestamp": "2025-05-22T19:45:06.573236Z"}, {"uuid": "81039011-3389-41c1-a690-6d0806e779a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30170", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lprveeeyks2o", "content": "", "creation_timestamp": "2025-05-22T19:53:09.037406Z"}, {"uuid": "6889ffc7-82f1-479f-ba63-bbdfe2e73189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30177", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llrelh3qc72j", "content": "", "creation_timestamp": "2025-04-01T17:12:07.457335Z"}, {"uuid": "47505ef3-5368-4d44-9d10-ffe6e96706b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30172", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lprwi5z3h72r", "content": "", "creation_timestamp": "2025-05-22T20:13:10.152000Z"}, {"uuid": "02c626b2-ded4-44aa-9aa8-d6277d0d8d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30175", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-09", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "bd6151bf-d4e6-430e-8e44-72135eb8a755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30176", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-09", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "58c079f9-cd49-4f9c-be27-0fbae1e6f4ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30174", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-09", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "ff4e5c83-213a-4cba-8dab-a74fad720745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3017", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10011", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3017\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in TA-Lib up to 0.6.4. This issue affects the function setInputBuffer of the file src/tools/ta_regtest/ta_test_func/test_minmax.c of the component ta_regtest. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5879180e9070ec35d52948f2f57519713256a0f1. It is recommended to apply a patch to fix this issue.\n\ud83d\udccf Published: 2025-03-31T21:31:10.492Z\n\ud83d\udccf Modified: 2025-04-01T20:06:50.627Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302069\n2. https://vuldb.com/?ctiid.302069\n3. https://vuldb.com/?submit.524603\n4. https://github.com/TA-Lib/ta-lib/issues/61\n5. https://github.com/TA-Lib/ta-lib/pull/62\n6. https://github.com/TA-Lib/ta-lib/issues/61#issue-2931609110\n7. https://github.com/TA-Lib/ta-lib/commit/5879180e9070ec35d52948f2f57519713256a0f1", "creation_timestamp": "2025-04-01T20:33:33.000000Z"}, {"uuid": "52a02b89-3c75-4a28-a44f-1e02753bd983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30177", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9877", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30177\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.\n\nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.\n\nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.\n\n\nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.\n\ud83d\udccf Published: 2025-04-01T11:56:30.484Z\n\ud83d\udccf Modified: 2025-04-01T11:56:30.484Z\n\ud83d\udd17 References:\n1. https://camel.apache.org/security/CVE-2025-27636.html\n2. https://camel.apache.org/security/CVE-2025-29891.html\n3. https://lists.apache.org/thread/dj79zdgw01j337lr9gvyy4sv8xfyw8py", "creation_timestamp": "2025-04-01T12:32:30.000000Z"}, {"uuid": "d9e791e1-e348-43bc-b31e-cc70a2e598dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30170", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17322", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30170\n\ud83d\udd25 CVSS Score: 5.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C)\n\ud83d\udd39 Description: Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised.\nThis issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.\n\ud83d\udccf Published: 2025-05-22T17:38:50.749Z\n\ud83d\udccf Modified: 2025-05-22T17:38:50.749Z\n\ud83d\udd17 References:\n1. https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch", "creation_timestamp": "2025-05-22T17:43:19.000000Z"}, {"uuid": "ff5386de-d4fb-4d09-b262-14960ab7b412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30177", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkg7y5htr32x", "content": "", "creation_timestamp": "2026-04-26T18:51:27.240311Z"}, {"uuid": "3feaf60a-26b9-4881-89cd-8efa6eae478d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30179", "type": "seen", "source": "https://t.me/cvedetector/20802", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30179 - Mattermost MFA Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30179 \nPublished : March 21, 2025, 9:15 a.m. | 1\u00a0hour, 23\u00a0minutes ago \nDescription : Mattermost versions 10.4.x <=<=<=\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-21T11:48:00.000000Z"}, {"uuid": "53408ee9-4272-4076-82ee-bba14f477562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30177", "type": "seen", "source": "https://t.me/cvedetector/21751", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30177 - Apache Camel Undertow: Camel Message Header Injection\", \n  \"Content\": \"CVE ID : CVE-2025-30177 \nPublished : April 1, 2025, 12:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.  \n  \nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.  \n  \nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.  \n  \nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.  \n  \n  \nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T16:23:16.000000Z"}, {"uuid": "6f8ddce6-b0f6-4124-a3cb-b9d54d6faa13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3017", "type": "seen", "source": "https://t.me/cvedetector/21663", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3017 - TA-Lib Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3017 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in TA-Lib up to 0.6.4. This issue affects the function setInputBuffer of the file src/tools/ta_regtest/ta_test_func/test_minmax.c of the component ta_regtest. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5879180e9070ec35d52948f2f57519713256a0f1. It is recommended to apply a patch to fix this issue. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:32.000000Z"}]}