Home > Vulnerability Database > CVE-2025-4639

Mend.io Vulnerability Database

CVE-2025-4639

Date: May 14, 2025

CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method of WebDav servlet in Peergos. This issue affects Peergos through version 1.1.0.

Severity Score

8.2

Related Resources (3)

Url: https://github.com/Peergos/Peergos/pull/1267

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-4639

Url: https://www.mend.io/vulnerability-database/CVE-2025-4639

Severity Score

8.2

Weakness Type (CWE)

Improper Restriction of XML External Entity Reference

CWE-611

CVSS v3.1

Base Score:	8.2
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-4639

Date: May 14, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?