PT-2025-38234 · Cisa · Thorium

Published

2025-09-17

Updated

2025-09-17

CVE-2025-35435

CVSS v3.1

4.3

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.

Fix

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

CVE-2025-35435

Affected Products

Thorium

PT-2025-38234 · Cisa · Thorium

Weakness Enumeration

Related Identifiers

Affected Products

References · 4