ZDI-25-115: (0Day) Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-2014.

perl-5.40.2-517.fc42

FEDORA-2025-26c0346398 Packages in this update: perl-5.40.2-517.fc42 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

perl-5.40.2-515.fc41

FEDORA-2025-11fcc87c66 Packages in this update: perl-5.40.2-515.fc41 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

perl-5.38.4-508.fc40

FEDORA-2025-8445f115f6 Packages in this update: perl-5.38.4-508.fc40 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

ruby-3.3.8-19.fc40

FEDORA-2025-9bef972bb9 Packages in this update: ruby-3.3.8-19.fc40 Update description: Upgrade to Ruby 3.3.8. CVE-2025-25186: Fix Net::IMAP vulnerable to possible DoS by...

April 14, 2025