CVE-2025-53602 | Zipkin up to 3.5.1 Spring Boot Actuator /heapdump insecure default initialization of resource

Inserito da Angelo Barbosa | Lug 5, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Zipkin up to 3.5.1. This affects an unknown part of the file /heapdump of the component Spring Boot Actuator. The manipulation leads to insecure default initialization of resource.

This vulnerability is uniquely identified as CVE-2025-53602. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-53602 | Zipkin up to 3.5.1 Spring Boot Actuator /heapdump insecure default initialization of resource

Post correlati

CVE-2024-13171 | Ivanti Endpoint Manager Filename unrestricted upload

CVE-2024-43883 | Linux Kernel up to 6.10.4 vhci-hcd resource consumption (ZDI-CAN-22273)

CVE-2024-8297 | kitsada8621 Digital Library Management System 1.0 jwt_refresh_token_middleware.go JwtRefreshAuth Authorization neutralization for logs

CVE-2024-33066 | Qualcomm Snapdragon Wired Infrastructure and Networking up to X65 5G Modem-RF System Log File memory corruption