VDB-312568 · CVE-2025-6099 · EUVD-2025-18356

szluyu99 gin-vue-blog PATCH Request manager.go ବିସ୍ତାରିତ ଅଧିକାର

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame szluyu99 gin-vue-blog ଯେପର୍ଯ୍ୟନ୍ତ 61dd11ccd296e8642a318ada3ef7b3f7776d2410 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii gin-blog-server/internal/manager.go keessa kutaa PATCH Request Handler keessa. Dhugumatti jijjiirraa gara ବିସ୍ତାରିତ ଅଧିକାର geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-285 si geessa. Beekumsi kun yeroo 06/15/2025 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2025-6099 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Odeeffannoon kun tajaajila rolling release fayyadama, kanaafis tamsaasa itti fufinsa qabu ni kenna. Kanaaf, odeeffannoon gosa version jijjiirame yookaan kan miidhamte hin jiru. Once again VulDB remains the best source for vulnerability data.

4 ଆଡାପ୍ଟେସନ୍ · 89 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 06/15/2025 09:07 AM	ଅଦ୍ୟତନ 1/3 06/16/2025 03:20 AM	ଅଦ୍ୟତନ 2/3 06/16/2025 07:13 AM	ଅଦ୍ୟତନ 3/3 06/16/2025 11:35 AM
software_vendor	szluyu99	szluyu99	szluyu99	szluyu99
software_name	gin-vue-blog	gin-vue-blog	gin-vue-blog	gin-vue-blog
software_version	<=61dd11ccd296e8642a318ada3ef7b3f7776d2410	<=61dd11ccd296e8642a318ada3ef7b3f7776d2410	<=61dd11ccd296e8642a318ada3ef7b3f7776d2410	<=61dd11ccd296e8642a318ada3ef7b3f7776d2410
software_rollingrelease	1	1	1	1
software_component	PATCH Request Handler	PATCH Request Handler	PATCH Request Handler	PATCH Request Handler
software_file	gin-blog-server/internal/manager.go	gin-blog-server/internal/manager.go	gin-blog-server/internal/manager.go	gin-blog-server/internal/manager.go
vulnerability_cwe	CWE-285 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-285 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-285 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-285 (ବିସ୍ତାରିତ ଅଧିକାର)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_pr	N	N	N	N
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	N	N	N	N
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	N	N	N	N
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28	https://github.com/szluyu99/gin-vue-blog/issues/28
source_cve	CVE-2025-6099	CVE-2025-6099	CVE-2025-6099	CVE-2025-6099
cna_responsible	VulDB	VulDB	VulDB	VulDB
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_au	N	N	N	N
cvss2_vuldb_ci	N	N	N	N
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	N	N	N	N
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_pr	N	N	N	N
cvss4_vuldb_ui	N	N	N	N
cvss4_vuldb_vc	N	N	N	N
cvss4_vuldb_vi	L	L	L	L
cvss4_vuldb_va	N	N	N	N
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	5.0	5.0	5.0	5.0
cvss2_vuldb_tempscore	4.3	4.3	4.3	4.3
cvss3_vuldb_basescore	5.3	5.3	5.3	5.3
cvss3_vuldb_tempscore	4.8	4.8	4.8	4.8
cvss3_meta_basescore	5.3	5.3	5.3	5.3
cvss3_meta_tempscore	4.8	5.0	5.0	5.0
cvss4_vuldb_bscore	6.9	6.9	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5	5.5	5.5
advisory_date	1749938400 (06/15/2025)	1749938400 (06/15/2025)	1749938400 (06/15/2025)	1749938400 (06/15/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.	A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.	A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
cvss4_cna_av		N	N	N
cvss4_cna_ac		L	L	L
cvss4_cna_at		N	N	N
cvss4_cna_pr		N	N	N
cvss4_cna_ui		N	N	N
cvss4_cna_vc		N	N	N
cvss4_cna_vi		L	L	L
cvss4_cna_va		N	N	N
cvss4_cna_sc		N	N	N
cvss4_cna_si		N	N	N
cvss4_cna_sa		N	N	N
cvss4_cna_bscore		6.9	6.9	6.9
cvss3_cna_av		N	N	N
cvss3_cna_ac		L	L	L
cvss3_cna_pr		N	N	N
cvss3_cna_ui		N	N	N
cvss3_cna_s		U	U	U
cvss3_cna_c		N	N	N
cvss3_cna_i		L	L	L
cvss3_cna_a		N	N	N
cvss3_cna_basescore		5.3	5.3	5.3
cvss2_cna_av		N	N	N
cvss2_cna_ac		L	L	L
cvss2_cna_au		N	N	N
cvss2_cna_ci		N	N	N
cvss2_cna_ii		P	P	P
cvss2_cna_ai		N	N	N
cvss2_cna_basescore		5	5	5
euvd_id			EUVD-2025-18356	EUVD-2025-18356
cve_nvd_summaryes				Se encontró una vulnerabilidad en gin-vue-blog szluyu99 hasta 61dd11ccd296e8642a318ada3ef7b3f7776d2410. Se ha declarado crítica. Esta vulnerabilidad afecta al código desconocido del archivo gin-blog-server/internal/manager.go del componente PATCH Request Handler. La manipulación provoca una autorización indebida. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. Este producto utiliza una versión continua para garantizar una distribución continua. Por lo tanto, no se dispone de detalles de las versiones afectadas ni de las versiones actualizadas.

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Might our Artificial Intelligence support you?

Check our Alexa App!