PT-2025-31858 · Stardict · Youdao Plugin +1

Vincent Lefevre

Published

2025-08-04

Updated

2025-08-04

CVE-2025-55014

CVSS v3.1

4.7

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions:

StarDict versions 3.0.7+git20220909+dfsg-6

Description:

The YouDao plugin for StarDict sends X11 selection data to the dict.youdao.com and dict.cn servers via cleartext HTTP.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

CVE-2025-55014

Stardict

Youdao Plugin