Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-7209

Date: July 8, 2025

A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is deae8939583d83fd798fca97665e0e94656c3ee8. It is recommended to apply a patch to fix this issue.

Severity Score

Related Resources (9)

https://github.com/9fans/plan9port/issues/711
https://nvd.nist.gov/vuln/detail/CVE-2025-7209
https://git.9front.org/plan9front/plan9front/deae8939583d83fd798fca97665e0e94656c3ee8/commit.html
https://vuldb.com/?id.315157
https://github.com/user-attachments/files/19698361/plan9port_crash_2.txt
https://vuldb.com/?ctiid.315157
https://github.com/9fans/plan9port/issues/711#issuecomment-2819905220
https://vuldb.com/?submit.607685
https://www.mend.io/vulnerability-database/CVE-2025-7209

Severity Score

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

NULL Pointer Dereference

CWE-476

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us