CVE-2025-0332

Summary

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.

Affected Software

VendorProductVersion RangeStatus
Progress SoftwareProgress® Telerik® UI for WinForms1.0.0 < 2025 Q1 (2025.1.211)affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References