CVE-2025-59250

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-59250
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59250.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-59250
Aliases
Downstream
Related
Published
2025-10-14T17:16:07.240Z
Modified
2026-02-13T16:38:17.601055Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network.

References

Affected packages

Git / github.com/microsoft/mssql-jdbc

Affected ranges

Type
GIT
Repo
https://github.com/microsoft/mssql-jdbc
Events
Introduced
0e97689f50f30c70dcfec89bcc89537ea622b8b5
Fixed
5c9cd93f057de5322973b427583e8603a2bc0fc7
Introduced
3cd946efe4e61446ba9ae073ecc0530746dee6a2
Fixed
269a1965ce331a3b274f6313c6f97f53dec71049
Introduced
468a35abc49ee144a590079c10c32022a7a0247b
Fixed
6ac9b9d667476b2776f78ea488c2b92cecfc92d3
Introduced
4a27a0d1081bb3f0e9bba6112576c49f1776358f
Fixed
ffca76d554f490274cea950536465e58f1b40e4c
Introduced
a0ea23a0de0ec314b9836664cd158c4a795174dc
Fixed
34debbc9b19e5bace5f69e208b4b85e470d634ae
Introduced
c235d35fa3148b24617359e2285a0bc6748076cb
Fixed
c15c00d8da48db0a1490a440f4061c33561f265b
Introduced
e1acc9ec2bbda59dbc45d17cb4090357ae456c3f
Fixed
0535f4f17255eea2bad34b1274f8057c191b9f6d
Introduced
eb88b7026edf217defcd8e6108f75dc3d6f86a1f
Fixed
9641938c250ba9b88b0a12b441bae74fc4cec133

Affected versions

v.*
v.11.1.0
v10.*
v10.2.0
v10.2.1
v10.2.2
v10.2.3
v11.*
v11.1.1
v11.1.2
v11.2.0
v11.2.1
v11.2.2
v11.2.3
v12.*
v12.1.0
v12.10.0
v12.10.1
v12.2.0
v12.3.0
v12.3.1
v12.4.0
v12.4.1
v12.4.2
v12.6.0
v12.6.1
v12.6.2
v12.6.3
v12.6.4
v12.8.0
v12.8.1
v12.9.0
v13.*
v13.1.0
v13.1.1
v13.2.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59250.json"