CVE Daily

CVE-2025-47712

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specif...

Medium CVSS 4.3

Overview

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.

CWE: CWE-190 Published: 2025-06-09T06:15:25.537
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.3 (MEDIUM)
  • Detected tags: dos (tag impact: LOW)

Recommended actions:

  • Rate limiting, resource quotas and circuit breakers.

Recommended tools

Tags