{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-54314", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-08-10T00:19:19.943Z", "dateReserved": "2025-07-20T00:00:00.000Z", "datePublished": "2025-07-20T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Thor", "vendor": "rubyonrails", "versions": [{"lessThan": "1.4.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because \"the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments.\""}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-08-10T00:19:19.943Z"}, "references": [{"url": "https://github.com/rails/thor/commit/536b79036a0efb765c1899233412e7b1ca94abfa"}, {"url": "https://hackerone.com/reports/3260153"}, {"url": "https://github.com/rails/thor/pull/897"}, {"url": "https://github.com/rails/thor/releases/tag/v1.4.0"}, {"url": "https://github.com/github/advisory-database/pull/5912#issuecomment-3169255309"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 2.8, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N"}}], "tags": ["disputed"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-21T18:31:26.798255Z", "id": "CVE-2025-54314", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-21T20:37:14.593Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-54314", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-21T18:31:26.798255Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-21T20:35:48.333Z"}}], "cna": {"tags": ["disputed"], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 2.8, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N"}}], "affected": [{"vendor": "rubyonrails", "product": "Thor", "versions": [{"status": "affected", "version": "0", "lessThan": "1.4.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/rails/thor/commit/536b79036a0efb765c1899233412e7b1ca94abfa"}, {"url": "https://hackerone.com/reports/3260153"}, {"url": "https://github.com/rails/thor/pull/897"}, {"url": "https://github.com/rails/thor/releases/tag/v1.4.0"}, {"url": "https://github.com/github/advisory-database/pull/5912#issuecomment-3169255309"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because \"the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments.\""}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-08-10T00:19:19.943Z"}}}, "cveMetadata": {"cveId": "CVE-2025-54314", "state": "PUBLISHED", "dateUpdated": "2025-08-10T00:19:19.943Z", "dateReserved": "2025-07-20T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-07-20T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because \"the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments.\""}, {"lang": "es", "value": "Thor anterior a 1.4.0 puede construir un comando de shell inseguro desde la entrada de la librer\u00eda."}], "id": "CVE-2025-54314", "lastModified": "2025-08-10T01:15:32.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2025-07-20T03:15:22.160", "references": [{"source": "cve@mitre.org", "url": "https://github.com/github/advisory-database/pull/5912#issuecomment-3169255309"}, {"source": "cve@mitre.org", "url": "https://github.com/rails/thor/commit/536b79036a0efb765c1899233412e7b1ca94abfa"}, {"source": "cve@mitre.org", "url": "https://github.com/rails/thor/pull/897"}, {"source": "cve@mitre.org", "url": "https://github.com/rails/thor/releases/tag/v1.4.0"}, {"source": "cve@mitre.org", "url": "https://hackerone.com/reports/3260153"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{"bugzilla": {"description": "thor: Thor Command Injection Vulnerability", "id": "2382101", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382101"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-78", "details": ["Thor before 1.4.0 can construct an unsafe shell command from library input.", "A flaw was found in Thor, where it improperly constructs shell commands using data derived from libraries. This flaw allows a local attacker to execute arbitrary commands. Command execution occurs when processing specially crafted library input."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-54314", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/zync-rhel8", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/zync-rhel9", "product_name": "Red Hat 3scale API Management Platform 2"}], "public_date": "2025-07-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-54314\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-54314\nhttps://github.com/rails/thor/commit/536b79036a0efb765c1899233412e7b1ca94abfa\nhttps://github.com/rails/thor/pull/897\nhttps://github.com/rails/thor/releases/tag/v1.4.0\nhttps://hackerone.com/reports/3260153"], "threat_severity": "Low"}