CVE-2025-9031
4.3 MEDIUMObservable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc
Published: 2025-09-24 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 4.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- CWE
- CWE-203, CWE-208
Description
Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-54411 — Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path... (5.9 MEDIUM)
- CVE-2017-20240 — Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks (5.9 MEDIUM)
- CVE-2026-48011 — Shopware is an open commerce platform (3.7 LOW)
- CVE-2026-48859 — Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enum... (5.3 MEDIUM)
- CVE-2026-11289 — Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via... (6.5 MEDIUM)