CVE-2025-53602 | SynScan

Vulnerability Database

290,476

Total vulnerabilities in the database

CVE-2025-53602

Zipkin through 3.5.1 has a /heapdump endpoint (associated with the use of Spring Boot Actuator), a similar issue to CVE-2025-48927.

Published: Jul 4, 2025
Updated: Jul 8, 2025
CVE: CVE-2025-53602
GHSA: GHSA-794x-8x6x-qpfc
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-1188

Affected Software
References

Software	From	Fixed in
io.zipkin / zipkin-server	-	3.5.1.x