CVE-2025-53602

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-53602
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53602.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-53602
Aliases
Published
2025-07-04T21:15:23Z
Modified
2025-07-08T17:02:09.013150Z
Summary
[none]
Details

Zipkin through 3.5.1 has a /heapdump endpoint (associated with the use of Spring Boot Actuator), a similar issue to CVE-2025-48927.

References

Affected packages

Git / github.com/openzipkin/zipkin

Affected ranges

Type
GIT
Repo
https://github.com/openzipkin/zipkin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*

1.0.0
1.1.0
1.1.3
1.1.4
1.1.5
1.10.0
1.11.0
1.11.1
1.12.0
1.12.1
1.13.0
1.13.1
1.14.0
1.14.1
1.14.2
1.14.3
1.14.4
1.15.0
1.16.0
1.16.1
1.16.2
1.17.0
1.17.1
1.18.0
1.19.0
1.19.1
1.19.2
1.19.3
1.19.4
1.2.0
1.2.1
1.20.0
1.20.1
1.21.0
1.22.0
1.22.1
1.23.0
1.23.1
1.23.2
1.23.3
1.24.0
1.25.0
1.26.0
1.26.1
1.26.2
1.27.0
1.28.0
1.28.1
1.29.0
1.29.1
1.29.2
1.29.3
1.29.4
1.3.0
1.30.0
1.30.1
1.30.2
1.30.3
1.31.0
1.31.1
1.31.2
1.31.3
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.5.0
1.5.1
1.6.0
1.7.0
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.9.0

2.*

2.0.0
2.0.1
2.1.0
2.10.0
2.10.1
2.10.2
2.10.3
2.10.4
2.11.0
2.11.1
2.11.10
2.11.11
2.11.12
2.11.2
2.11.3
2.11.4
2.11.5
2.11.6
2.11.7
2.11.8
2.11.9
2.12.0
2.12.1
2.12.2
2.12.3
2.12.4
2.12.5
2.12.6
2.12.7
2.12.8
2.12.9
2.14.1
2.14.2
2.15.0
2.16.0
2.16.1
2.16.2
2.17.0
2.17.1
2.17.2
2.18.0
2.18.1
2.18.2
2.18.3
2.19.0
2.19.1
2.19.2
2.19.3
2.2.0
2.2.1
2.2.2
2.2.3
2.20.0
2.20.1
2.20.2
2.21.0
2.21.1
2.21.2
2.21.3
2.21.4
2.21.5
2.21.6
2.21.7
2.22.0
2.22.1
2.22.2
2.23.0
2.23.1
2.23.14
2.23.15
2.23.16
2.23.17
2.23.18
2.23.19
2.23.2
2.23.3
2.23.4
2.23.5
2.23.7
2.23.8
2.23.9
2.24.0
2.24.1
2.24.2
2.24.3
2.24.4
2.25.0
2.25.1
2.25.2
2.26.0
2.27.0
2.27.1
2.3.0
2.3.1
2.4.0
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.4.6
2.4.7
2.4.8
2.4.9
2.5.0
2.5.1
2.5.2
2.5.3
2.6.0
2.6.1
2.7.0
2.7.1
2.7.2
2.7.3
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4

3.*

3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.1.0
3.1.1
3.2.0
3.2.1
3.3.0
3.3.1
3.4.0
3.4.1
3.4.2
3.4.3
3.4.4
3.5.0
3.5.1

docker-3.*

docker-3.1.0

v2.*

v2.13.0
v2.14.0

zipkin-0.*

zipkin-0.3.0
zipkin-0.7.0

zipkin-server-0.*

zipkin-server-0.2.0