CVE-2025-4497 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Simple Banking System

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

4.8MEDIUMNVD

EPSS

0.1%

top 76.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Code-projects Simple Banking System

Timeline

PublishedMay 10

Description

A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign In. The manipulation of the argument password2 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶NVDcode-projects/simple_banking_system< 1.0

▶CVEListV5code-projects/simple_banking_system1.0

🔴Vulnerability Details

CVEList

code-projects Simple Banking System Sign In buffer overflow↗2025-05-10

▶

GHSA

GHSA-3j83-vjvj-964q: A vulnerability was found in code-projects Simple Banking System up to 1↗2025-05-10

▶