← Voltar para CVEs
CVE-2025-61301
HIGH7.5
Descricao
Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado10/20/2025
Ultima modificacao10/21/2025
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-400
Referencias
http://capev2.com(cve@mitre.org)
https://github.com/eGkritsis/CVE-2025-61301(cve@mitre.org)
https://github.com/kevoreilly/CAPEv2(cve@mitre.org)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.