7.5

CVE-2025-66909

Exploit

EPSS 0.35%
Veröffentlicht 19.12.2025 00:00:00
Zuletzt bearbeitet 02.01.2026 19:50:44
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerability. The ExtendedOpenCVImage class in ai/djl/opencv/ExtendedOpenCVImage.java loads images using OpenCV's imread() function without validating dimensions or pixel count before decompression. An attacker can upload a specially crafted compressed image file (e.g., PNG) that is small when compressed but expands to gigabytes of memory when loaded. This causes immediate memory exhaustion, OutOfMemoryError, and service crash. No authentication is required if the OCR service is publicly accessible. Multiple requests can completely deny service availability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Turms-im ≫ Turms Version0.10.0-snapshot

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.35%	0.567

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)

The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

https://github.com/turms-im/turms

Product

https://github.com/turms-im/turms/blob/develop/turms-ai-serving/src/main/java/ai/djl/opencv/ExtendedOpenCVImage.java#L37

Product

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66909_report.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-66909

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-66909

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-66909

EUVD