Description

The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions given to the .kimlik file and .seffaflik file, which is created with mode 0777 and 0775 respectively, exposing secrets to other local users. Additionally, the .kimlik file is written without symlink checks, allowing local attackers to overwrite arbitrary files. This can result in information disclosure and denial of service.

INFO

Published Date :

2025-10-22T00:00:00.000Z

Last Modified :

2025-10-27T13:33:54.945Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-61035 vulnerability.

Vendors Products
Seffaflik
  • Seffaflik
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61035.

URL Resource
https://github.com/nurisensoy/seffaflik cve-icon cve-icon
https://github.com/nurisensoy/seffaflik/issues/3 cve-icon cve-icon
https://pypi.org/project/seffaflik/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact