Description

Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return an HTTP 500 error, resulting in a denial of service. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website.

INFO

Published Date: 2025-04-22T17:32:11.966Z

Last Modified: 2025-05-27T17:00:25.356Z

Source: GitHub_M

AFFECTED PRODUCTS

The following products are affected by the CVE-2025-32952 vulnerability.

Vendor: Haulmont
Products:
  • Cuba Platform
  • Cuba Rest Api
  • Jmix Framework
  • Jpa Web Api

CVSS Vulnerability Scoring System

Detailed values of each vector for the above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact