How severe is CVE-2025-30258?

This vulnerability has a severity rating of LOW with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2025-30258?

This is classified as CWE-754, which is a common weakness in software security.

CVE-2025-30258

LOW Year: 2025

CVSS v3 Score

2.7

Low

Weakness Type

CWE-754

View all →

Vulnerability Description

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

CVE-2022-47111

LOW

CVSS:2.5(Low)

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.

CWE-7542022

CVE-2022-47112

LOW

CVSS:2.5(Low)

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.

CWE-7542022

CVE-2024-27457

LOW

CVSS:2.5(Low)

Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.

CWE-7542024

CVE-2025-0503

LOW

CVSS:3.1(Low)

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually ma...

CWE-7542025

CVE-2024-29979

MEDIUM

CVSS:2.3(Low)

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoe...

CWE-7542024