{"id":"GHSA-7vrx-9684-xrf2","summary":"Craft CMS stores arbitrary content provided by unauthenticated users in session files","details":"Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided to the client in a `Set-Cookie` response header. Craft CMS stores the return URL requested by the client without sanitizing parameters. Consequently, an unauthenticated client can introduce arbitrary values, such as PHP code, to a known local file location on the server. Craft CMS versions 5.7.5 and 4.15.3 have been released to address this issue.","aliases":["CVE-2025-35939"],"modified":"2025-10-22T19:55:21.907700Z","published":"2025-05-08T00:31:12Z","database_specific":{"severity":"MODERATE","github_reviewed_at":"2025-05-08T14:53:02Z","cwe_ids":["CWE-472"],"nvd_published_at":"2025-05-07T23:15:54Z","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-35939"},{"type":"WEB","url":"https://github.com/craftcms/cms/pull/17220"},{"type":"WEB","url":"https://github.com/craftcms/cms/commit/e4c7bac8f31010aee048409f9ef6f744a83146b2"},{"type":"PACKAGE","url":"https://github.com/craftcms/cms"},{"type":"WEB","url":"https://github.com/craftcms/cms/releases/tag/4.15.3"},{"type":"WEB","url":"https://github.com/craftcms/cms/releases/tag/5.7.5"},{"type":"WEB","url":"https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-147-01.json"},{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-35939"},{"type":"WEB","url":"https://www.cve.org/CVERecord?id=CVE-2025-35939"}],"affected":[{"package":{"name":"craftcms/cms","ecosystem":"Packagist","purl":"pkg:composer/craftcms/cms"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.0.0-alpha.1"},{"fixed":"5.7.5"}]}],"versions":["5.0.0","5.0.0-RC1","5.0.0-alpha.1","5.0.0-alpha.10","5.0.0-alpha.11","5.0.0-alpha.12","5.0.0-alpha.13","5.0.0-alpha.2","5.0.0-alpha.3","5.0.0-alpha.4","5.0.0-alpha.5","5.0.0-alpha.6","5.0.0-alpha.7","5.0.0-alpha.8","5.0.0-alpha.9","5.0.0-beta.1","5.0.0-beta.10","5.0.0-beta.11","5.0.0-beta.2","5.0.0-beta.3","5.0.0-beta.4","5.0.0-beta.5","5.0.0-beta.6","5.0.0-beta.7","5.0.0-beta.8","5.0.0-beta.9","5.0.1","5.0.2","5.0.3","5.0.4","5.0.5","5.0.6","5.1.0","5.1.1","5.1.10","5.1.2","5.1.3","5.1.4","5.1.5","5.1.6","5.1.7","5.1.8","5.1.9","5.2.0","5.2.0-beta.1","5.2.0-beta.2","5.2.0-beta.3","5.2.0-beta.4","5.2.0-beta.5","5.2.0-beta.6","5.2.1","5.2.10","5.2.2","5.2.3","5.2.4","5.2.4.1","5.2.5","5.2.6","5.2.7","5.2.8","5.2.9","5.3.0","5.3.0-beta.1","5.3.0-beta.2","5.3.0.1","5.3.0.2","5.3.0.3","5.3.1","5.3.2","5.3.3","5.3.4","5.3.5","5.3.6","5.4.0","5.4.0.1","5.4.1","5.4.10","5.4.10.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.5.1","5.4.6","5.4.7","5.4.7.1","5.4.8","5.4.9","5.5.0","5.5.0.1","5.5.1","5.5.1.1","5.5.10","5.5.2","5.5.3","5.5.4","5.5.5","5.5.6","5.5.6.1","5.5.7","5.5.8","5.5.9","5.6.0","5.6.0.1","5.6.0.2","5.6.1","5.6.10","5.6.10.1","5.6.10.2","5.6.11","5.6.12","5.6.13","5.6.14","5.6.15","5.6.16","5.6.17","5.6.2","5.6.3","5.6.4","5.6.5","5.6.5.1","5.6.6","5.6.7","5.6.8","5.6.9","5.6.9.1","5.7.0","5.7.0-beta.1","5.7.0-beta.2","5.7.1","5.7.1.1","5.7.2","5.7.3","5.7.4"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-7vrx-9684-xrf2/GHSA-7vrx-9684-xrf2.json"}},{"package":{"name":"craftcms/cms","ecosystem":"Packagist","purl":"pkg:composer/craftcms/cms"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.3"}]}],"versions":["1.0.26.1","1.2.0-alpha.2310","1.2.0-alpha.2312","1.2.0-alpha.2316","1.2.0-alpha.2318","1.2.0-alpha.2319","1.2.0-alpha.2322","1.2.0-alpha.2323","1.2.0-alpha.2324","1.2.0-alpha.2328","1.2.0-alpha.2329","1.2.0-alpha.2332","1.2.2333","1.2.2335","1.2.2336","1.2.2337","1.2.2339","1.2.2358","1.2.2363","1.2.2367","1.2.2371","1.2.2375","1.2.2387","1.2.2392","1.2.2396","1.2.2399","1.3.0-alpha.2361","1.3.0-alpha.2366","1.3.0-alpha.2372","1.3.0-alpha.2374","1.3.0-alpha.2377","1.3.0-alpha.2378","1.3.0-alpha.2380","1.3.0-alpha.2388","1.3.0-alpha.2394","1.3.0-alpha.2397","1.3.0-alpha.2401","1.3.0-alpha.2402","1.3.0-alpha.2405","1.3.0-alpha.2464","1.3.2409","1.3.2410","1.3.2415","1.3.2416","1.3.2418","1.3.2419","1.3.2420","1.3.2422","1.3.2456","1.3.2459","1.3.2461","1.3.2462","1.3.2465","1.3.2473","1.3.2485","1.3.2486","1.3.2487","1.3.2494","1.3.2496","1.3.2507","1.4.0-alpha.2469","1.4.0-alpha.2470","1.4.0-alpha.2471","1.4.0-alpha.2476","1.4.0-alpha.2478","1.4.0-alpha.2479","1.4.0-alpha.2482","1.4.0-alpha.2484","1.4.0-alpha.2488","1.4.0-alpha.2489","1.4.0-alpha.2490","1.4.0-alpha.2491","1.4.0-alpha.2492","1.4.0-alpha.2493","1.4.0-alpha.2495","1.4.0-alpha.2497","1.4.0-alpha.2498","1.4.0-alpha.2499","1.4.0-alpha.2500","1.4.0-alpha.2502","1.4.0-alpha.2503","1.4.0-alpha.2505","1.4.0-alpha.2506","1.4.0-alpha.2509","1.4.0-alpha.2512","1.4.0-alpha.2513","1.4.0-alpha.2519","1.4.0-alpha.2521","2.0.2524","2.0.2525","2.0.2527","2.0.2528","2.0.2532","2.0.2533","2.0.2535","2.0.2536","2.0.2537","2.0.2538","2.0.2539","2.0.2540","2.0.2541","2.0.2542","2.0.2543","2.0.2548","2.0.2549","2.0.2551","2.1.0-alpha.2546","2.1.0-alpha.2547","2.1.0-alpha.2552","2.1.2554","2.1.2555","2.1.2556","2.1.2557","2.1.2559","2.1.2561","2.1.2562","2.1.2563","2.1.2564","2.1.2566","2.1.2568","2.1.2569","2.1.2570","2.2.0-alpha.2572","2.2.0-alpha.2575","2.2.0-alpha.2578","2.2.2579","2.2.2581","2.2.2582","2.2.2586","2.2.2587","2.2.2588","2.2.2589","2.2.2590","2.2.2591","2.2.2592","2.2.2593","2.2.2596","2.2.2598","2.2.2601","2.2.2604","2.2.2607","2.3.0-alpha.2600","2.3.0-alpha.2602","2.3.0-alpha.2603","2.3.0-alpha.2605","2.3.0-alpha.2606","2.3.0-alpha.2608","2.3.0-alpha.2610","2.3.0-alpha.2612","2.3.0-alpha.2645","2.3.2615","2.3.2616","2.3.2617","2.3.2618","2.3.2620","2.3.2621","2.3.2623","2.3.2624","2.3.2625","2.3.2626","2.3.2627","2.3.2629","2.3.2632","2.3.2635","2.3.2636","2.3.2639","2.3.2640","2.3.2641","2.3.2642","2.3.2643","2.3.2644","2.4.2664","2.4.2666","2.4.2667","2.4.2668","2.4.2669","2.4.2670","2.4.2675","2.4.2677","2.4.2679","2.4.2682","2.4.2684","2.4.2688","2.4.2691","2.4.2692","2.4.2693","2.4.2695","2.4.2696","2.4.2697","2.4.2698","2.4.2699","2.4.2700","2.4.2701","2.4.2702","2.4.2723","2.4.2725","2.4.2726","2.5.0-beta.2713","2.5.0-beta.2715","2.5.0-beta.2716","2.5.0-beta.2717","2.5.0-beta.2720","2.5.0-beta.2722","2.5.0-beta.2724","2.5.0-beta.2727","2.5.0-beta.2740","2.5.2750","2.5.2752","2.5.2753","2.5.2754","2.5.2755","2.5.2757","2.5.2759","2.5.2760","2.5.2761","2.5.2762","2.5.2763","2.5.2765","2.5.2767","2.6.2771","2.6.2773","2.6.2774","2.6.2776","2.6.2778","2.6.2779","2.6.2780","2.6.2781","2.6.2783","2.6.2784","2.6.2785","2.6.2788","2.6.2789","2.6.2791","2.6.2793","2.6.2794","2.6.2795","2.6.2796","2.6.2797","2.6.2798","2.6.2804","2.6.2903","2.6.2911","2.6.2916","2.6.2922","2.6.2923","2.6.2929","2.6.2930","2.6.2931","2.6.2940","2.6.2944","2.6.2945","2.6.2949","2.6.2950","2.6.2951","2.6.2952","2.6.2953","2.6.2954","2.6.2955","2.6.2956","2.6.2957","2.6.2958","2.6.2959","2.6.2960","2.6.2961","2.6.2962","2.6.2963","2.6.2964","2.6.2965","2.6.2966","2.6.2967","2.6.2968","2.6.2969","2.6.2970","2.6.2971","2.6.2972","2.6.2973","2.6.2974","2.6.2975","2.6.2976","2.6.2977","2.6.2978","2.6.2979","2.6.2980","2.6.2981","2.6.2982","2.6.2983","2.6.2984","2.6.2985","2.6.2986","2.6.2987","2.6.2988","2.6.2989","2.6.2990","2.6.2991","2.6.2992","2.6.2993","2.6.2994","2.6.2995","2.6.2996","2.6.2997","2.6.2998","2.6.2999","2.6.3000","2.6.3001","2.6.3002","2.6.3003","2.6.3004","2.6.3005","2.6.3006","2.6.3007","2.6.3008","2.6.3009","2.6.3010","2.6.3011","2.6.3012","2.6.3013","2.6.3014","2.6.3015","2.6.3016","2.6.3017","2.6.3018","2.6.3019","2.7.0","2.7.0-beta.2","2.7.0.1","2.7.1","2.7.10","2.7.2","2.7.3","2.7.4","2.7.5","2.7.6","2.7.7","2.7.7.1","2.7.7.2","2.7.7.3","2.7.8","2.7.9","2.8.0","2.8.0.1","2.8.0.2","2.9.0","2.9.1","2.9.2","3.0.0","3.0.0-RC1","3.0.0-RC10","3.0.0-RC10.1","3.0.0-RC11","3.0.0-RC12","3.0.0-RC13","3.0.0-RC14","3.0.0-RC15","3.0.0-RC16","3.0.0-RC16.1","3.0.0-RC17","3.0.0-RC17.1","3.0.0-RC2","3.0.0-RC3","3.0.0-RC4","3.0.0-RC5","3.0.0-RC6","3.0.0-RC7","3.0.0-RC7.1","3.0.0-RC8","3.0.0-RC9","3.0.0-beta.1","3.0.0-beta.10","3.0.0-beta.11","3.0.0-beta.12","3.0.0-beta.13","3.0.0-beta.14","3.0.0-beta.15","3.0.0-beta.16","3.0.0-beta.17","3.0.0-beta.18","3.0.0-beta.19","3.0.0-beta.2","3.0.0-beta.20","3.0.0-beta.21","3.0.0-beta.22","3.0.0-beta.23","3.0.0-beta.24","3.0.0-beta.25","3.0.0-beta.26","3.0.0-beta.27","3.0.0-beta.28","3.0.0-beta.29","3.0.0-beta.3","3.0.0-beta.30","3.0.0-beta.31","3.0.0-beta.32","3.0.0-beta.33","3.0.0-beta.34","3.0.0-beta.35","3.0.0-beta.36","3.0.0-beta.4","3.0.0-beta.5","3.0.0-beta.6","3.0.0-beta.7","3.0.0-beta.8","3.0.0-beta.9","3.0.0.1","3.0.0.2","3.0.1","3.0.10","3.0.10.1","3.0.10.2","3.0.10.3","3.0.11","3.0.12","3.0.13","3.0.13.1","3.0.13.2","3.0.14","3.0.15","3.0.16","3.0.16.1","3.0.17","3.0.17.1","3.0.18","3.0.19","3.0.2","3.0.20","3.0.21","3.0.22","3.0.23","3.0.23.1","3.0.24","3.0.25","3.0.26","3.0.26.1","3.0.27","3.0.27.1","3.0.28","3.0.29","3.0.3","3.0.3.1","3.0.30","3.0.30.1","3.0.30.2","3.0.31","3.0.32","3.0.33","3.0.34","3.0.35","3.0.36","3.0.37","3.0.38","3.0.39","3.0.4","3.0.40","3.0.40.1","3.0.41","3.0.41.1","3.0.5","3.0.6","3.0.7","3.0.8","3.0.9","3.1.0","3.1.0-beta.1","3.1.0-beta.2","3.1.0-beta.3","3.1.0-beta.4","3.1.0-beta.5","3.1.0-beta.5.1","3.1.0-beta.6","3.1.0-beta.7","3.1.1","3.1.10","3.1.11","3.1.12","3.1.13","3.1.14","3.1.15","3.1.16","3.1.17","3.1.17.1","3.1.17.2","3.1.18","3.1.19","3.1.2","3.1.2.1","3.1.2.2","3.1.20","3.1.20.1","3.1.21","3.1.21.1","3.1.22","3.1.23","3.1.24","3.1.25","3.1.26","3.1.27","3.1.28","3.1.29","3.1.3","3.1.30","3.1.31","3.1.32","3.1.32.1","3.1.33","3.1.34","3.1.34.1","3.1.34.2","3.1.34.3","3.1.4","3.1.5","3.1.6","3.1.6.1","3.1.7","3.1.8","3.1.9","3.1.9.1","3.2.0","3.2.0-RC1","3.2.0-RC2","3.2.0-RC3","3.2.0-alpha.1","3.2.0-alpha.2","3.2.0-alpha.2.1","3.2.0-alpha.3","3.2.0-alpha.4","3.2.0-alpha.5","3.2.0-alpha.6","3.2.0-alpha.6.1","3.2.0-alpha.6.2","3.2.0-alpha.6.3","3.2.0-alpha.6.4","3.2.0-alpha.7","3.2.0-beta.1","3.2.0-beta.2","3.2.0-beta.3","3.2.1","3.2.10","3.2.2","3.2.3","3.2.4","3.2.4.1","3.2.5","3.2.5.1","3.2.6","3.2.7","3.2.8","3.2.9","3.3.0","3.3.0.1","3.3.1","3.3.1.1","3.3.1.2","3.3.10","3.3.11","3.3.12","3.3.13","3.3.14","3.3.15","3.3.16","3.3.16.1","3.3.16.2","3.3.16.3","3.3.17","3.3.18","3.3.18.1","3.3.18.2","3.3.18.3","3.3.18.4","3.3.19","3.3.2","3.3.20","3.3.20.1","3.3.3","3.3.4","3.3.4.1","3.3.5","3.3.6","3.3.7","3.3.8","3.3.9","3.4.0","3.4.0-RC1","3.4.0-RC1.1","3.4.0-RC2","3.4.0-RC3","3.4.0-beta.1","3.4.0-beta.2","3.4.0-beta.3","3.4.0-beta.4","3.4.0-beta.5","3.4.0.1","3.4.0.2","3.4.1","3.4.10","3.4.10.1","3.4.11","3.4.12","3.4.13","3.4.14","3.4.15","3.4.16","3.4.17","3.4.17.1","3.4.18","3.4.19","3.4.19.1","3.4.2","3.4.20","3.4.21","3.4.22","3.4.22.1","3.4.23","3.4.24","3.4.25","3.4.26","3.4.27","3.4.28","3.4.28.1","3.4.29","3.4.29.1","3.4.3","3.4.30","3.4.4","3.4.4.1","3.4.5","3.4.6","3.4.6.1","3.4.7","3.4.7.1","3.4.8","3.4.9","3.5.0","3.5.0-RC1","3.5.0-RC1.1","3.5.0-RC2","3.5.0-RC3","3.5.0-RC4","3.5.0-RC5","3.5.0-RC6","3.5.0-beta.1","3.5.0-beta.2","3.5.0-beta.3","3.5.1","3.5.10","3.5.10.1","3.5.11","3.5.11.1","3.5.12","3.5.12.1","3.5.13","3.5.13.1","3.5.13.2","3.5.14","3.5.15","3.5.15.1","3.5.16","3.5.17","3.5.17.1","3.5.18","3.5.19","3.5.19.1","3.5.2","3.5.3","3.5.4","3.5.5","3.5.6","3.5.7","3.5.8","3.5.9","3.6.0","3.6.0-RC1","3.6.0-RC2","3.6.0-RC2.1","3.6.0-RC3","3.6.0-RC4","3.6.0-beta.1","3.6.0-beta.1.1","3.6.0-beta.2","3.6.0.1","3.6.1","3.6.10","3.6.11","3.6.11.1","3.6.11.2","3.6.12","3.6.12.1","3.6.13","3.6.14","3.6.15","3.6.16","3.6.17","3.6.18","3.6.2","3.6.3","3.6.4","3.6.4.1","3.6.5","3.6.5.1","3.6.6","3.6.7","3.6.8","3.6.9","3.7.0","3.7.0-beta.1","3.7.0-beta.2","3.7.0-beta.3","3.7.0-beta.4","3.7.0-beta.5","3.7.0-beta.6","3.7.1","3.7.10","3.7.11","3.7.12","3.7.13","3.7.14","3.7.15","3.7.16","3.7.17","3.7.17.1","3.7.17.2","3.7.18","3.7.18.1","3.7.18.2","3.7.19","3.7.19.1","3.7.2","3.7.20","3.7.21","3.7.22","3.7.23","3.7.24","3.7.25","3.7.25.1","3.7.26","3.7.27","3.7.27.1","3.7.27.2","3.7.28","3.7.29","3.7.3","3.7.3.1","3.7.3.2","3.7.30","3.7.30.1","3.7.31","3.7.32","3.7.33","3.7.34","3.7.35","3.7.36","3.7.37","3.7.38","3.7.39","3.7.4","3.7.40","3.7.40.1","3.7.41","3.7.42","3.7.43","3.7.44","3.7.45","3.7.45.1","3.7.45.2","3.7.46","3.7.47","3.7.47.1","3.7.48","3.7.49","3.7.5","3.7.50","3.7.51","3.7.52","3.7.53","3.7.53.1","3.7.54","3.7.55","3.7.55.1","3.7.55.2","3.7.55.3","3.7.56","3.7.57","3.7.58","3.7.59","3.7.6","3.7.60","3.7.61","3.7.62","3.7.63","3.7.63.1","3.7.64","3.7.64.1","3.7.65","3.7.65.1","3.7.65.2","3.7.66","3.7.67","3.7.68","3.7.7","3.7.8","3.7.9","3.8.0","3.8.0-beta.1","3.8.0-beta.2","3.8.0-beta.3","3.8.0-beta.4","3.8.0-beta.5","3.8.0-beta.6","3.8.1","3.8.10","3.8.10.1","3.8.10.2","3.8.11","3.8.12","3.8.13","3.8.14","3.8.15","3.8.16","3.8.17","3.8.2","3.8.3","3.8.4","3.8.5","3.8.6","3.8.7","3.8.8","3.8.9","3.9.0","3.9.1","3.9.10","3.9.11","3.9.12","3.9.13","3.9.14","3.9.15","3.9.2","3.9.3","3.9.4","3.9.5","3.9.6","4.0.0","4.0.0-RC1","4.0.0-RC2","4.0.0-RC3","4.0.0-alpha.1","4.0.0-beta.1","4.0.0-beta.2","4.0.0-beta.3","4.0.0-beta.4","4.0.0.1","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.5.1","4.0.5.2","4.0.6","4.1.0","4.1.0.1","4.1.0.2","4.1.1","4.1.2","4.1.3","4.1.4","4.1.4.1","4.10.0","4.10.0-beta.1","4.10.0-beta.2","4.10.1","4.10.2","4.10.3","4.10.4","4.10.5","4.10.6","4.10.7","4.10.8","4.11.0","4.11.0.1","4.11.0.2","4.11.1","4.11.2","4.11.3","4.11.4","4.11.5","4.12.0","4.12.1","4.12.2","4.12.3","4.12.4","4.12.4.1","4.12.5","4.12.6","4.12.6.1","4.12.7","4.12.8","4.12.9","4.13.0","4.13.1","4.13.1.1","4.13.10","4.13.2","4.13.3","4.13.4","4.13.5","4.13.6","4.13.7","4.13.8","4.13.9","4.14.0","4.14.0.1","4.14.0.2","4.14.1","4.14.10","4.14.11","4.14.11.1","4.14.12","4.14.13","4.14.14","4.14.15","4.14.2","4.14.3","4.14.4","4.14.5","4.14.6","4.14.7","4.14.8","4.14.8.1","4.14.9","4.15.0","4.15.0-beta.1","4.15.0-beta.2","4.15.0.1","4.15.0.2","4.15.1","4.15.2","4.2.0","4.2.0.1","4.2.0.2","4.2.1","4.2.1.1","4.2.2","4.2.3","4.2.4","4.2.5","4.2.5.1","4.2.5.2","4.2.6","4.2.7","4.2.8","4.3.0","4.3.1","4.3.10","4.3.11","4.3.2","4.3.2.1","4.3.3","4.3.4","4.3.5","4.3.6","4.3.6.1","4.3.7","4.3.7.1","4.3.8","4.3.8.1","4.3.8.2","4.3.9","4.4.0","4.4.0-beta.1","4.4.0-beta.2","4.4.0-beta.3","4.4.0-beta.4","4.4.0-beta.5","4.4.0-beta.6","4.4.0-beta.7","4.4.1","4.4.10","4.4.10.1","4.4.11","4.4.12","4.4.13","4.4.14","4.4.15","4.4.16","4.4.16.1","4.4.17","4.4.2","4.4.3","4.4.4","4.4.5","4.4.6","4.4.6.1","4.4.7","4.4.7.1","4.4.8","4.4.9","4.5.0","4.5.0-beta.1","4.5.0-beta.2","4.5.1","4.5.10","4.5.11","4.5.11.1","4.5.12","4.5.13","4.5.14","4.5.15","4.5.2","4.5.3","4.5.4","4.5.5","4.5.6","4.5.6.1","4.5.7","4.5.8","4.5.9","4.6.0","4.6.0-RC1","4.6.1","4.7.0","4.7.1","4.7.2","4.7.2.1","4.7.3","4.7.4","4.8.0","4.8.1","4.8.10","4.8.11","4.8.2","4.8.3","4.8.4","4.8.5","4.8.6","4.8.7","4.8.8","4.8.9","4.9.0","4.9.1","4.9.2","4.9.3","4.9.4","4.9.5","4.9.6","4.9.7"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-7vrx-9684-xrf2/GHSA-7vrx-9684-xrf2.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"}]}