CVE-2025-29449

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-29449

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-29449.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-29449

Published

2025-04-17T21:15:50.353Z

Modified

2026-04-10T05:24:30.679970Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.

References

https://www.yuque.com/morysummer/vx41bz/tawn9fxg1ggv1sdr

Affected packages

Git / github.com/tznb1/twonav

Affected ranges

Type

GIT

Repo

https://github.com/tznb1/twonav

Events

Introduced

Last affected

f87af906d9761178f63ae79ae762ac9a7090dca7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.18-20241105"
        }
    ]
}

Affected versions

v2.*

v2.0.07-20230405

v2.0.08-20230406

v2.0.09-20230410

v2.0.10-20230413

v2.0.11-20230414

v2.0.12-20230417

v2.0.13-20230418

v2.0.14-20230420

v2.0.15-20230422

v2.0.16-20230425

v2.0.17-20230428

v2.0.18-20230510

v2.0.19-20230515

v2.0.20-20230520

v2.0.21-20230521

v2.0.21-20230522

v2.0.22-20230523

v2.0.23-20230527

v2.0.24-20230605

v2.0.25-20230607

v2.0.26-20230611

v2.0.27-20230618

v2.0.28-20230624

v2.0.29-20230705

v2.0.30-20230713

v2.0.31-20230720

v2.0.32-20230727

v2.0.33-20230802

v2.0.34-20230809

v2.0.35-20230816

v2.0.36-20230823

v2.0.37-20230830

v2.0.38-20230906

v2.0.39-20230913

v2.0.40-20230916

v2.0.40-20230917

v2.1.01-20231002

v2.1.02-20231012

v2.1.03-20231019

v2.1.04-20231029

v2.1.05-20231106

v2.1.06-20231113

v2.1.07-20231130

v2.1.08-20231219

v2.1.09-20231220

v2.1.11-20240119

v2.1.12-20240308

v2.1.13-20240321

v2.1.14-20240414

v2.1.14-20240416

v2.1.14-20240419

v2.1.15-20240513

v2.1.16-20240525

v2.1.17-20240730

v2.1.18-20241018

v2.1.18-20241105

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-29449.json"