CVE-2025-43915
MEDIUMLinkerd edge < 25.2.1 and Buoyant Enterprise for Linkerd - Uncontrolled Resource Consumption
Title source: llmDescription
In Linkerd edge releases before edge-25.2.1, and Buoyant Enterprise for Linkerd releases 2.13.0–2.13.7, 2.14.0–2.14.10, 2.15.0–2.15.7, 2.16.0–2.16.4, and 2.17.0–2.17.1, resource exhaustion can occur for Linkerd proxy metrics.
References (2)
Core 2
Core References
Vendor Advisory
https://docs.buoyant.io/security/advisories/2025-01/
Product
https://www.buoyant.io/resources
Scores
CVSS v3
6.5
EPSS
0.0028
EPSS Percentile
19.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (3)
linkerd/buoyant
2.13.0 - 2.13.7
linkerd/linkerd
< 25.2.1
linkerd/linkerd2
0 - 0.0.0-20250212165942-faa3f617eef5Go
Published
May 05, 2025
Tracked Since
Feb 18, 2026