CVE-2025-13481

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-13481

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13481.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-13481

Published

2025-12-11T20:15:53.230Z

Modified

2026-03-12T17:37:33.110776Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input.

References

https://www.ibm.com/support/pages/node/7254434

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "4.0.0"
            },
            {
                "fixed": "4.1.1"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13481.json"