Home

Description

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint

PUBLISHED Reserved 2025-03-11 | Published 2025-09-25 | Updated 2025-09-26 | Assigner mitre

References

github.com/swagger-api/swagger-petstore

github.com/...re/blob/master/src/main/resources/openapi.yaml

gist.github.com/HouqiyuA/4efd1aac7c7c7ab0cd5db48d62541a74

cve.org (CVE-2025-29155)

nvd.nist.gov (CVE-2025-29155)

Download JSON