Security Advisory

CVE-2025-55085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-17 14:22:28

Last updated 2025-10-20 18:42:08

Assigner eclipse

State PUBLISHED

Description

In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.

← Browse all CVEs View on cve.org ↗