Description

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.

INFO

Published Date :

2025-09-17T16:53:22.388Z

Last Modified :

2025-09-30T16:35:00.970Z

Source :

cisa-cg
AFFECTED PRODUCTS

The following products are affected by CVE-2025-35435 vulnerability.

Vendors Products
Cisa
  • Thorium
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-35435.

URL Resource
https://github.com/cisagov/thorium/commit/7c94a0b9bc2dc55e0c307360452f348bac06820c cve-icon cve-icon
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-259-01.json cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-CVE-2025-35435 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact