CVE-2025-62187_CVE-2025-62187

2.9 / 10

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Description

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder).

Basic Information

ID CVE-2025-62187

Source mitre

Published Oct 7, 2025 at 00:00

Modified Oct 7, 2025 at 21:07

Affected Product

Vendor Ankitects

Product Anki

Affected Versions Ankitects Anki 0

CWE Classification

CWE-23

References

{
    "lastseen": "",
    "description": "In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder).",
    "published": "2025-10-07T00:00:00.000Z",
    "modified": "2025-10-07T21:07:45.482Z",
    "type": "cve",
    "title": "CVE-2025-62187",
    "source": "mitre",
    "references": "https://github.com/ankitects/anki/releases/tag/25.02.6\nhttps://github.com/ankitects/anki/pull/4041\nhttps://github.com/ankitects/anki/pull/4041/commits/51476e05b281737a0c2924342bccdb6e5be52ea9",
    "id": "CVE-2025-62187",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "Ankitects Anki 0",
    "sourceHref": "",
    "cvss": {
        "score": 2.9,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Anki",
    "version": "0",
    "vendor": "Ankitects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}