CVE-2025-14542 in python-utcpinfo

Zusammenfassung

von MITRE • 13.12.2025

The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may initially serve a benign manual (e.g., one defining an HTTP tool call), earning the clients’ trust, a malicious provider can later change the manual to exploit the client.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

JFROG

Reservieren

11.12.2025

Veröffentlichung

13.12.2025

Moderieren

akzeptiert

Eintrag

VDB-336390

CPE

bereit

CWE

CWE-501 (bestätigt)

CVSS

7.5 (CNA)

EPSS

0.00048

KEV

nein

Aktivitäten

very low

Sektor

Insurance, Hostingprovider, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14542
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14542
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14542/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!