CVE-2025-65017

Sažetak

Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. This issue has been patched in versions 0.30.4 and 0.31.0.

Reference

https://github.com/decidim/decidim/pull/13571
https://github.com/decidim/decidim/releases/tag/v0.30.4
https://github.com/decidim/decidim/releases/tag/v0.31.0
https://github.com/decidim/decidim/security/advisories/GHSA-3cx6-j9j4-54mp

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

03-02-2026 - 16:44

Objavljeno

03-02-2026 - 15:16