4.5
CVE-2025-0733
- EPSS 0.16%
- Veröffentlicht 27.01.2025 18:15:40
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
Postman profapi.dll untrusted search path
A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Herstellern/a
≫
Produkt
Postman
Version
11.0
Status
affected
Version
11.1
Status
affected
Version
11.2
Status
affected
Version
11.3
Status
affected
Version
11.4
Status
affected
Version
11.5
Status
affected
Version
11.6
Status
affected
Version
11.7
Status
affected
Version
11.8
Status
affected
Version
11.9
Status
affected
Version
11.10
Status
affected
Version
11.11
Status
affected
Version
11.12
Status
affected
Version
11.13
Status
affected
Version
11.14
Status
affected
Version
11.15
Status
affected
Version
11.16
Status
affected
Version
11.17
Status
affected
Version
11.18
Status
affected
Version
11.19
Status
affected
Version
11.20
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@vuldb.com | 2 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 4.5 | 1 | 3.4 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
|
| cna@vuldb.com | 3.5 | 1.5 | 6.4 |
AV:L/AC:H/Au:S/C:P/I:P/A:P
|
CWE-426 Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
https://vuldb.com/?ctiid.293511
https://vuldb.com/?id.293511
https://vuldb.com/?submit.481185