CVE-2025-43708

Publication date

2025-04-17 00:00:00

Family

mitre

State

PUBLISHED

Description

VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference=../../../set/set[2] is used, aka an "insecure deserialization" issue.