vulnerability

Debian: CVE-2025-6375: poco -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:S/C:N/I:N/A:P)	Jun 21, 2025	Jun 23, 2025	Aug 15, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:P)

Published

Jun 21, 2025

Added

Jun 23, 2025

Modified

Aug 15, 2025

Description

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.

Solution

no-fix-debian-deb-package

References

CVE-2025-6375
https://attackerkb.com/topics/CVE-2025-6375
CWE-404
CWE-476

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today