Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-uvsf-xeyf-ukhx

Summary ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the ESP-IDF Bluetooth host stack (BlueDroid), the function bta_dm_sdp_result() used a fixed-size array uuid_list[32][MAX_UUID_SIZE] to store discovered service UUIDs during the SDP (Service Discovery Protocol) process. On modern Bluetooth devices, it is possible for the number of available services to exceed this fixed limit (32). In such cases, if more than 32 services are discovered, subsequent writes to uuid_list could exceed the bounds of the array, resulting in a potential out-of-bounds write condition.

Aliases

alias	CVE-2025-68473

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-68473

reference_id

reference_type

scores

value	0.00036
scoring_system	epss
scoring_elements	0.1125
published_at	2026-06-11T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.1131
published_at	2026-06-13T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.11319
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-68473

reference_url

https://github.com/espressif/esp-idf/commit/3286e45349b0b5c2b1422ef7e8d088b95eef895d

reference_id

3286e45349b0b5c2b1422ef7e8d088b95eef895d

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/3286e45349b0b5c2b1422ef7e8d088b95eef895d

reference_url

https://github.com/espressif/esp-idf/commit/4d928f2265c394d2abc85024228e920a5b26bcab

reference_id

4d928f2265c394d2abc85024228e920a5b26bcab

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/4d928f2265c394d2abc85024228e920a5b26bcab

reference_url

https://github.com/espressif/esp-idf/commit/5b3185168dae83d42aa0852689422fffd931f16c

reference_id

5b3185168dae83d42aa0852689422fffd931f16c

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/5b3185168dae83d42aa0852689422fffd931f16c

reference_url

https://github.com/espressif/esp-idf/commit/6453f57a954458ad8ffd6e4bf2d9e76b73fac0f1

reference_id

6453f57a954458ad8ffd6e4bf2d9e76b73fac0f1

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/6453f57a954458ad8ffd6e4bf2d9e76b73fac0f1

reference_url

https://github.com/espressif/esp-idf/commit/6ca6f422dafaffcb88fa56cc458ce92d96be3b2e

reference_id

6ca6f422dafaffcb88fa56cc458ce92d96be3b2e

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/6ca6f422dafaffcb88fa56cc458ce92d96be3b2e

reference_url

https://github.com/espressif/esp-idf/commit/9889edd799cf369e082df9d01adba961d64693ed

reference_id

9889edd799cf369e082df9d01adba961d64693ed

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/9889edd799cf369e082df9d01adba961d64693ed

reference_url

https://github.com/espressif/esp-idf/commit/ecb86d353640cf1375bf97db32e702ba59c551b6

reference_id

ecb86d353640cf1375bf97db32e702ba59c551b6

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/commit/ecb86d353640cf1375bf97db32e702ba59c551b6

reference_url

https://github.com/espressif/esp-idf/security/advisories/GHSA-hmjj-rjvv-w8pq

reference_id

GHSA-hmjj-rjvv-w8pq

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:44:09Z/

url

https://github.com/espressif/esp-idf/security/advisories/GHSA-hmjj-rjvv-w8pq

Weaknesses

cwe_id	787
name	Out-of-bounds Write
description	The product writes data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 0.0 - 0.0

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvsf-xeyf-ukhx

Vulnerability Instance