CVE-2025-0695

An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de asignación de recursos sin límites ni limitación en las versiones de Cesanta Frozen anteriores a 1.7 permite a un atacante inducir un bloqueo del componente que incorpora librería al suministrar un JSON manipulado malintencionado como entrada.

27 Jan 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-27 11:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-0695

Mitre link : CVE-2025-0695

CVE.ORG link : CVE-2025-0695

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

5.3 /10