CVE Vulnerabilities

CVE-2025-30403

Published: Jul 11, 2025 | Modified: Jul 11, 2025

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-30403
CWE	https://cwe.mitre.org/data/definitions/.html

A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00.

References

https://github.com/facebook/mvfst/commit/65b297332191de6e867c4a3139a233fc84c0e7e0
https://www.facebook.com/security/advisories/cve-2025-30403

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.