CVE-2025-0502

Published: Jan 15, 2025

Modified: Jan 15, 2025

PUBLISHED

Description

Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.

Vendor	Product	Versions
CrafterCMS	CrafterCMS	affected `4.0.0 - < 4.0.8` affected `4.1.0 - < 4.1.6`

Weaknesses (CWE)

CWE-402

References

https://craftercms.com/docs/current/security/advisory.html#cv-2025011501

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-0502

Description

Affected Products

Weaknesses (CWE)

References