CVE-2025-14591

PII Leak Due to Change in EOR Handling

Description

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF (Windows and DOS) End-of-Record (EOR) characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally identifiable information (PII) unmasked.

INFO

Published Date :

2025-12-20T03:04:21.183Z

Last Modified :

2025-12-22T16:11:52.890Z

Source :

Perforce

AFFECTED PRODUCTS

The following products are affected by CVE-2025-14591 vulnerability.

Vendors	Products
Microsoft	Ms-dos Windows
Perforce	Delphix Continuous Compliance Perforce

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-14591.

URL	Resource
https://portal.perforce.com/s/article/TB137
https://portal.perforce.com/s/cve/a91Qi000002fThdIAE/pii-leak-due-to-change-in-eor-handling

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact