VYPR
Moderate severityNVD Advisory· Published Oct 22, 2025· Updated Oct 22, 2025

CVE-2025-11965

CVE-2025-11965

Description

In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], a StaticHandler configuration for restricting access to hidden files fails to restrict access to hidden directories, allowing unauthorized users to retrieve files within them (e.g. '.git/config').

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.vertx:vertx-webMaven
< 4.5.224.5.22
io.vertx:vertx-webMaven
>= 5.0.0, < 5.0.55.0.5

Affected products

42

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.