Memory Leak Vulnerability in libming by an Unknown Vendor
CVE-2025-29488

6.5MEDIUM

Key Information:

Vendor: Unknown Vendor
Status: libming
Vendor: CVE Published:; 27 March 2025

🔔 Create Unknown Vendor Vulnerability Alert

What is CVE-2025-29488?

A memory leak has been identified in libming version 0.4.8, specifically within the parseSWF_INITACTION function. This issue could allow unauthorized access to potentially sensitive memory areas, leading to performance degradation and increased resource consumption. Developers using this library should take immediate precautions to mitigate any risks associated with this flaw.

References

https://github.com/libming/libming/issues/330

https://github.com/goodmow/PoC/blob/main/libming/libming-...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2025
Vulnerability Reserved
Mar 11, 2025