Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.2
Apache ServiceMix ProfilingService Java File Denial of Service Risk
CVE-2025-48585
ASB-A-425360742
Summary
A vulnerability in Apache ServiceMix's ProfilingService Java file could allow an attacker to cause a denial of service to the system without needing user interaction. This means the system could become unavailable, affecting users. To protect against this, ensure proper input validation is implemented in the ProfilingService Java file.
What to do
- Update google platform/packages/modules/profiling to version 16-qpr2-next:2026-03-01.
- Update google platform/packages/modules/profiling to version 16:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | 16.0 | – | |
| android | 16.0 | – | |
| android | 16.0 | – | |
| android | 16.0 | – | |
| platform/packages/modules/profiling | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/packages/modules/profiling | > 16:0 , <= 16:2026-03-01 | 16:2026-03-01 |
Original title
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional exec...
Original description
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
6.2
Vulnerability type
CWE-20
Improper Input Validation
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026