CVE-2025-53602 | Zipkin up to 3.5.1 Spring Boot Actuator /heapdump insecure default initialization of resource

Inserito da Angelo Barbosa | Lug 5, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Zipkin up to 3.5.1. This affects an unknown part of the file /heapdump of the component Spring Boot Actuator. The manipulation leads to insecure default initialization of resource.

This vulnerability is uniquely identified as CVE-2025-53602. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-53602 | Zipkin up to 3.5.1 Spring Boot Actuator /heapdump insecure default initialization of resource

Post correlati

CVE-2020-26063 | Cisco Unified Computing System up to 4.1(2b) API Endpoint privileges management (cisco-sa-cimc-auth-zWkppJxL)

CVE-2024-29090 | Jordy Meow AI Engine Plugin up to 2.1.4 on WordPress server-side request forgery

Fuji Electric TELLUS/TELLUS Lite File out-of-bounds

CVE-2024-26271 | Liferay Portal/DXP My Account Widget cross-site request forgery