Cisa: >> Thorium >> 1.1.1 Security Vulnerabilities
CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'. A remote, authenticated attacker could access arbitrary files subject to file system permissions. Fixed in 1.1.2.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-09-17
CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An unauthenticated attacker with access to a Thorium cluster could impersonate the Elasticsearch service. Fixed in 1.1.2.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-09-17
CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-09-17