Executive Summary

Informations
Name CVE-2025-30358 First vendor Publication 2025-03-27
Vendor Cve Last vendor Modification 2025-03-27

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service (DoS) attack against the server. Additionally, it could also result in other severe consequences given the application's implementation, such as identity confusion, where an attacker could impersonate an assistant or system role within conversations. This impersonation could potentially enable jailbreak attacks when interacting with large language models (LLMs). Just like the Javascript's prototype pollution, this vulnerability could leave a way for attackers to manipulate the intended data-flow or control-flow of the application at runtime and lead to severe consequences like remote code execution when gadgets are available. Users should upgrade to version 0.14.1 to obtain a fix for the issue.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30358

Sources (Detail)

https://github.com/mesop-dev/mesop/commit/748e20d4a363d89b841d62213f5b0c6b4be...
https://github.com/mesop-dev/mesop/security/advisories/GHSA-f3mf-hm6v-jfhh
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
Date Informations
2025-04-21 14:16:51
  • Multiple Updates
2025-04-21 14:16:49
  • Multiple Updates
2025-04-21 05:53:06
  • Multiple Updates
2025-04-21 05:53:02
  • Multiple Updates
2025-04-20 14:17:25
  • Multiple Updates
2025-04-20 14:17:23
  • Multiple Updates
2025-04-20 07:31:08
  • Multiple Updates
2025-04-20 07:31:04
  • Multiple Updates
2025-04-19 14:17:41
  • Multiple Updates
2025-04-19 14:17:40
  • Multiple Updates
2025-04-19 06:17:29
  • Multiple Updates
2025-04-19 06:17:27
  • Multiple Updates
2025-04-18 16:36:05
  • Multiple Updates
2025-04-18 16:36:03
  • Multiple Updates
2025-04-18 03:17:53
  • Multiple Updates
2025-04-18 03:17:51
  • Multiple Updates
2025-04-17 14:17:17
  • Multiple Updates
2025-04-17 14:17:15
  • Multiple Updates
2025-04-17 06:47:43
  • Multiple Updates
2025-04-17 06:47:41
  • Multiple Updates
2025-04-16 14:22:57
  • Multiple Updates
2025-04-16 14:22:55
  • Multiple Updates
2025-04-16 07:05:37
  • Multiple Updates
2025-04-16 07:05:35
  • Multiple Updates
2025-04-15 14:18:48
  • Multiple Updates
2025-04-15 14:18:46
  • Multiple Updates
2025-04-15 05:10:11
  • Multiple Updates
2025-04-15 05:10:09
  • Multiple Updates
2025-04-14 15:57:27
  • Multiple Updates
2025-04-14 15:57:25
  • Multiple Updates
2025-04-14 04:56:52
  • Multiple Updates
2025-04-14 04:56:44
  • Multiple Updates
2025-04-13 15:25:10
  • Multiple Updates
2025-04-13 15:25:08
  • Multiple Updates
2025-04-13 03:26:21
  • Multiple Updates
2025-04-13 03:26:19
  • Multiple Updates
2025-04-12 14:17:24
  • Multiple Updates
2025-04-12 14:17:22
  • Multiple Updates
2025-04-12 04:33:23
  • Multiple Updates
2025-04-12 04:33:18
  • Multiple Updates
2025-04-11 14:45:03
  • Multiple Updates
2025-04-11 14:45:01
  • Multiple Updates
2025-04-11 03:25:15
  • Multiple Updates
2025-04-11 03:25:13
  • Multiple Updates
2025-04-10 14:19:48
  • Multiple Updates
2025-04-10 14:19:46
  • Multiple Updates
2025-04-10 03:35:25
  • Multiple Updates
2025-04-10 03:35:22
  • Multiple Updates
2025-04-09 14:19:35
  • Multiple Updates
2025-04-09 14:19:33
  • Multiple Updates
2025-04-09 03:20:45
  • Multiple Updates
2025-04-09 03:20:43
  • Multiple Updates
2025-04-08 14:16:11
  • Multiple Updates
2025-04-08 14:16:09
  • Multiple Updates
2025-04-08 03:22:07
  • Multiple Updates
2025-04-08 03:22:05
  • Multiple Updates
2025-04-07 14:15:29
  • Multiple Updates
2025-04-07 14:15:27
  • Multiple Updates
2025-04-07 03:16:16
  • Multiple Updates
2025-04-07 03:16:14
  • Multiple Updates
2025-04-06 14:15:20
  • Multiple Updates
2025-04-06 14:15:18
  • Multiple Updates
2025-04-06 03:17:39
  • Multiple Updates
2025-04-06 03:17:37
  • Multiple Updates
2025-04-05 14:18:49
  • Multiple Updates
2025-04-05 14:18:47
  • Multiple Updates
2025-04-05 03:22:35
  • Multiple Updates
2025-04-05 03:22:33
  • Multiple Updates
2025-04-04 14:16:56
  • Multiple Updates
2025-04-04 14:16:54
  • Multiple Updates
2025-04-04 03:15:49
  • Multiple Updates
2025-04-04 03:15:47
  • Multiple Updates
2025-04-03 15:09:52
  • Multiple Updates
2025-04-03 15:09:49
  • Multiple Updates
2025-04-03 03:14:52
  • Multiple Updates
2025-04-03 03:14:50
  • Multiple Updates
2025-04-02 14:15:32
  • Multiple Updates
2025-04-02 14:15:30
  • Multiple Updates
2025-04-02 03:15:43
  • Multiple Updates
2025-04-02 03:15:41
  • Multiple Updates
2025-04-01 14:15:21
  • Multiple Updates
2025-04-01 14:15:19
  • Multiple Updates
2025-03-31 17:20:34
  • Multiple Updates
2025-03-27 17:20:56
  • First insertion