← Zuruck zu CVEs
CVE-2025-61301
HIGH7.5
Beschreibung
Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht10/20/2025
Zuletzt geandert10/21/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-400
Referenzen
http://capev2.com(cve@mitre.org)
https://github.com/eGkritsis/CVE-2025-61301(cve@mitre.org)
https://github.com/kevoreilly/CAPEv2(cve@mitre.org)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.