CVE-2025-12613 | cloudinary up to 2.6.x argument injection (SNYK-JS-CLOUDINARY-10495740)

Inserito da Angelo Barbosa | Nov 10, 2025 | CVE

A vulnerability classified as critical was found in cloudinary up to 2.6.x. Affected is an unknown function. Executing manipulation can lead to argument injection.

This vulnerability is registered as CVE-2025-12613. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-12613 | cloudinary up to 2.6.x argument injection (SNYK-JS-CLOUDINARY-10495740)

Post correlati

CVE-2024-39726 | IBM Engineering Insights 7.0.2/7.0.3 xml external entity reference

CVE-2024-26156 | ETIC Telecom Remote Access Server RAS up to 4.5.0 method cross site scripting (icsa-22-307-01)

CVE-2024-45653 | IBM Sterling Connect:Direct Web Services 6.0/6.1/6.2/6.3 insertion of sensitive information into sent data

CVE-2024-26220 | Microsoft unknown vulnerability