← Retour aux CVEs
CVE-2025-61301
HIGH7.5
Description
Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.
Details CVE
Score CVSS v3.17.5
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie10/20/2025
Derniere modification10/21/2025
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-400
References
http://capev2.com(cve@mitre.org)
https://github.com/eGkritsis/CVE-2025-61301(cve@mitre.org)
https://github.com/kevoreilly/CAPEv2(cve@mitre.org)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.