CVE-2025-52925 | One Identity OneLogin Active Directory Connector up to 6.1.4 DirectoryToken transmission of private resources into a new sphere (‘resource leak’)

Inserito da Angelo Barbosa | Lug 2, 2025 | CVE

A vulnerability was found in One Identity OneLogin Active Directory Connector up to 6.1.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the component DirectoryToken Handler. The manipulation leads to transmission of private resources into a new sphere (‘resource leak’).

This vulnerability is handled as CVE-2025-52925. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-52925 | One Identity OneLogin Active Directory Connector up to 6.1.4 DirectoryToken transmission of private resources into a new sphere (‘resource leak’)

Post correlati

CVE-2023-51530 | GS Plugins Logo Slider Plugin up to 3.5.1 on WordPress cross-site request forgery

CVE-2024-23375 | Qualcomm Snapdragon Auto/Snapdragon Wearables up to WSA8835 Network Scan Request buffer overflow

CVE-2024-38819 | Vmware Spring Framework up to 5.3.40/6.0.24/6.1.13 WebMvc.fn/WebFlux.fn path traversal

CVE-2023-28185 | Apple iOS/iPadOS App integer overflow