CVE-2025-6703

EPSS 0.06%
Veröffentlicht 26.06.2025 09:30:03
Zuletzt bearbeitet 03.12.2025 20:41:53
Quelle security@mozilla.org
CVE-Watchlists
Login
Unerledigt
Login

Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Neqo SwPlatformrust Version >= 0.4.24 <= 0.13.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.181

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
security@mozilla.org	2.3	0	0	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:L/U:Clear

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/mozilla/neqo/security/advisories/GHSA-jfv6-x22w-grhf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-6703

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-6703

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-6703

EUVD