Vulnerability Details CVE-2025-11965
In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], a StaticHandler configuration for restricting access to hidden files fails to restrict access to hidden directories, allowing unauthorized users to retrieve files within them (e.g. '.git/config').
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.9%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-11965
-
cpe:2.3:a:eclipse:vert.x:*
-
cpe:2.3:a:eclipse:vert.x:4.0.0
-
cpe:2.3:a:eclipse:vert.x:4.3.0
-
cpe:2.3:a:eclipse:vert.x:4.5.10
-
cpe:2.3:a:eclipse:vert.x:4.5.9