CVE-2025-3115 | THREATINT

Description

Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution

Reserved 2025-04-02 | Published 2025-04-09 | Updated 2025-04-09 | Assigner tibco

CRITICAL: 9.4CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Product status

Default status

unaffected

14 before 14.0.7

affected

14.1.0

affected

14.2.0

affected

14.3.0

affected

14.4.0

affected

14.4.1

affected

Default status

unknown

14.0 before 14.0.6

affected

14.1.0

affected

14.2.0

affected

14.3.0

affected

14.4.0

affected

14.4.1

affected

Default status

unknown

14.0 before 14.0.7

affected

14.1.0

affected

14.2.0

affected

14.3.0

affected

14.4.0

affected

14.4.1

affected

Default status

unknown

14.4 before 14.4.2

affected

Default status

unknown

14.4 before 14.4.2

unknown

Default status

unknown

1.17 before 1.17.7

affected

1.18.0

affected

1.19.0

affected

1.20.0

affected

1.21.0

affected

1.21.1

affected

Default status

unknown

1.17 before 1.17.7

affected

1.18.0

affected

Default status

unknown

1.17 before 1.17.7

affected

1.18.0

affected

References

community.spotfire.com/...2025-spotfire-cve-2025-3114-r3484/

cve.org (CVE-2025-3115)

nvd.nist.gov (CVE-2025-3115)

Download JSON