CVE-2025-0509 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA…
High CVSS: 7.3

CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks.
Vendor
Sparkle-project
Product
Sparkle
CWE
CWE-552
Yayın Tarihi
2025-02-04 20:15:49
Güncelleme
2025-08-05 14:35:15
Source Identifier
patrick@puiterwijk.org
KEV Date Added
-

Kategoriler

CWE-552 Sparkle HIGH Sparkle-project 2025

Referanslar

https://github.com/sparkle-project/Sparkle/pull/2550 https://sparkle-project.org/documentation/security-and-reliability/ https://security.netapp.com/advisory/ntap-20250124-0008/