CVE-2025-13428

Source
https://cve.org/CVERecord?id=CVE-2025-13428
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13428.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13428
Published
2025-12-09T16:17:35.307Z
Modified
2026-03-12T17:36:30.335067Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user holding the "IDE role" to achieve remote code execution (RCE) on the server. The flaw stemmed from weak validation of uploaded Python package code: an attacker could upload a package containing a malicious setup.py, and the installer executed that file on the server during package installation, leading to potential compromise of the server.

No customer action is required.

All customers have been automatically upgraded to the fixed version: 6.3.64 or higher.
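
The mechanism behind this flaw is general to Python packaging: when an installer is handed a source distribution, it runs the package's setup.py (or the build backend named in pyproject.toml) with the installer's privileges, so a validator that only looks at package metadata never sees the code that runs. The following Python is an added illustration written for this page; it is not Google's code and not the fix shipped in 6.3.64, whose details are not in this record. It builds two constructed samples in memory, a malicious sdist and a clean wheel, and applies an intake check that refuses anything the installer would execute. `audit_upload`, `Verdict` and the file and package names are hypothetical.

```python
import io
import re
import tarfile
import zipfile
from dataclasses import dataclass, field

# Files that setuptools / PEP 517 front ends run or evaluate while installing a
# *source* distribution. A wheel is copied into place without running any of them.
INSTALL_TIME_CODE = {"setup.py", "setup.cfg", "pyproject.toml"}
# Crude signal list so the reviewer sees why an sdist was refused; not a sandbox.
SUSPICIOUS = re.compile(r"\b(os\.system|subprocess|eval|exec|__import__|socket|urllib)\b")


@dataclass
class Verdict:
    accepted: bool
    reasons: list = field(default_factory=list)


def _members(filename: str, data: bytes):
    """Yield (member path, content) for each regular file in an uploaded archive."""
    if filename.endswith((".tar.gz", ".tgz")):
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tf:
            for m in tf.getmembers():
                if m.isfile():
                    yield m.name, tf.extractfile(m).read()
    elif filename.endswith((".whl", ".zip")):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.is_dir():
                    yield info.filename, zf.read(info)
    else:
        raise ValueError(f"unsupported upload type: {filename}")


def audit_upload(filename: str, data: bytes) -> Verdict:
    """Decide whether an uploaded package may be handed to the installer.

    Policy (hypothetical): only wheels are installable; any member whose path
    escapes the extraction directory is rejected; for a source distribution the
    install-time files are listed together with the risky calls they contain.
    """
    v = Verdict(accepted=True)
    is_wheel = filename.endswith(".whl")
    if not is_wheel:
        v.reasons.append("source distribution: the installer would execute its build code")
    for path, content in _members(filename, data):
        parts = path.replace("\\", "/").split("/")
        if path.startswith("/") or ".." in parts:
            v.reasons.append(f"unsafe member path: {path}")
        if not is_wheel and parts[-1] in INSTALL_TIME_CODE:
            v.reasons.append(f"install-time code: {path}")
            text = content.decode("utf-8", errors="replace")
            for hit in sorted(set(SUSPICIOUS.findall(text))):
                v.reasons.append(f"{path} references {hit}")
    v.accepted = not v.reasons
    return v


def _tar_gz(files: dict) -> bytes:
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, text in files.items():
            payload = text.encode()
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tf.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def _zip(files: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in files.items():
            zf.writestr(name, text)
    return buf.getvalue()


def make_malicious_sdist() -> bytes:
    """Constructed sample: an sdist whose setup.py runs a command at install time."""
    return _tar_gz({
        "evil-1.0/setup.py": (
            "from setuptools import setup\n"
            "import os\n"
            "os.system('id > /tmp/pwned')  # executes when the installer builds the sdist\n"
            "setup(name='evil', version='1.0')\n"
        ),
        "evil-1.0/evil/__init__.py": "",
        "../../tmp/planted.txt": "dropped outside the build directory\n",
    })


def make_clean_wheel() -> bytes:
    """Constructed sample: a minimal wheel; installing it copies files, runs nothing."""
    return _zip({
        "myintegration/__init__.py": "def run():\n    return 'ok'\n",
        "myintegration-1.0.dist-info/METADATA": "Metadata-Version: 2.1\nName: myintegration\nVersion: 1.0\n",
        "myintegration-1.0.dist-info/WHEEL": "Wheel-Version: 1.0\nRoot-Is-Purelib: true\nTag: py3-none-any\n",
        "myintegration-1.0.dist-info/RECORD": "",
    })


if __name__ == "__main__":
    for name, blob in [("evil-1.0.tar.gz", make_malicious_sdist()),
                       ("myintegration-1.0-py3-none-any.whl", make_clean_wheel())]:
        verdict = audit_upload(name, blob)
        print(name, "ACCEPT" if verdict.accepted else "REJECT")
        for reason in verdict.reasons:
            print("  -", reason)
```

The wheels-only rule is what `pip install --only-binary=:all:` enforces at the installer itself, and it is the part of the check that actually removes the install-time execution path; the regex scan only explains a refusal to a reviewer and should not be relied on to catch obfuscated code. It also only covers installation: the integration's own code still runs once it is loaded, so the install step additionally belongs in an isolated, unprivileged environment rather than on the server with the installer's privileges.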

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "6.3.64"
            }
        ]
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13428.json"