CVE-2025-65411 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload…
High CVSS: 7.5

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter.
Vendor
Unrtf Project
Product
Unrtf
CWE
CWE-476
Yayın Tarihi
2025-12-30 18:15:47
Güncelleme
2026-01-09 19:47:55
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-476 Unrtf HIGH Unrtf Project 2025

Referanslar

https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md https://lists.gnu.org/archive/html/bug-unrtf/2025-11/msg00000.html https://savannah.gnu.org/projects/unrtf/ https://sources.debian.org/src/unrtf/0.21.10-clean-1/src/main.c/#L661 https://www.gnu.org/software/unrtf/ https://github.com/MAXEUR5/Vulnerability_Disclosures/blob/main/2025/CVE-2025-65411.md