Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering memory reallocation errors when handling expired session keys.
References
| Link | Resource |
|---|---|
| https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories | Vendor Advisory |
Configurations
History
08 Oct 2025, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering memory reallocation errors when handling expired session keys. |
06 Oct 2025, 17:29
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:axxonsoft:axxon_one:*:*:*:*:*:windows:*:* | |
| References | () https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories - Vendor Advisory | |
| First Time |
Axxonsoft
Axxonsoft axxon One |
10 Sep 2025, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-10 13:15
Updated : 2025-10-08 12:15
NVD link : CVE-2025-10225
Mitre link : CVE-2025-10225
CVE.ORG link : CVE-2025-10225
JSON object : View
Products Affected
axxonsoft
- axxon_one
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer