VYPR
Unrated severityNVD Advisory· Published Sep 4, 2025· Updated Sep 4, 2025

IBM Jazz Foundation path traversal

CVE-2025-25048

Description

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Jazz Foundationcpe-rescue2 versions
    cpe:2.3:a:ibm:jazz_foundation:7.0.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:jazz_foundation:7.0.2:*:*:*:*:*:*:*range: 7.0.2
    • (no CPE)range: 7.0.2 to 7.0.2 iFix033, 7.0.3 to 7.0.3 iFix012, 7.1.0 to 7.1.0 iFix002

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.