CVE-2025-53887 | Directus up to 11.8.x OpenAPI /server/specs/oas information disclosure (GHSA-rmjh-cf9q-pv7q)

Inserito da Angelo Barbosa | Lug 15, 2025 | CVE

A vulnerability classified as problematic has been found in Directus up to 11.8.x. Affected is an unknown function of the file /server/specs/oas of the component OpenAPI. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2025-53887. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-53887 | Directus up to 11.8.x OpenAPI /server/specs/oas information disclosure (GHSA-rmjh-cf9q-pv7q)

Post correlati

CVE-2024-47902 | Siemens InterMesh 7177 Hybrid 2.0 Subscriber prior 8.2.12 Web Server missing authentication (ssa-333468)

CVE-2022-41677 | Bosch Camera access control

CVE-2024-37400 | Ivanti Connect Secure up to 22.7R2.2 out-of-bounds

CVE-2025-5113 | Diviotec nbr222p up to 2.0170.3030 command injection