Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from (malicious) external parties in an unfiltered/unsalted way.
History

Thu, 16 Oct 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Oct 2025 15:45:00 +0000

Type Values Removed Values Added
Description Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from (malicious) external parties in an unfiltered/unsalted way.
Title IBM Terracotta denial of service
First Time appeared Ibm
Ibm terracotta
Weaknesses CWE-228
CPEs cpe:2.3:a:ibm:terracotta:10.15.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:terracotta:10.15.0:ifix23:*:*:*:*:*:*
cpe:2.3:a:ibm:terracotta:11.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:terracotta:11.1.0:ifix5:*:*:*:*:*:*
Vendors & Products Ibm
Ibm terracotta
References
Metrics cvssV3_1

{'score': 2.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-10-15T15:29:04.780Z

Updated: 2025-10-16T13:30:34.433Z

Reserved: 2025-03-19T15:07:16.690Z

Link: CVE-2025-2529

cve-icon Vulnrichment

Updated: 2025-10-16T13:30:28.997Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-10-15T16:15:34.287

Modified: 2025-10-16T15:28:59.610

Link: CVE-2025-2529

cve-icon Redhat

No data.