How to fix CVE-2025-5151?

During next maintenance window: Identify affected systems running defog-ai introspect and apply vendor patches when convenient. Validate input sanitization for user-controlled parameters.

Is Docker affected by CVE-2025-5151?

Organizations using defog-ai introspect should be aware of moderate risk from CVE-2025-5151, a injection vulnerability rated CVSS 4.8. Exploitation could allow attackers to execute code or inject malicious input. Proof-of-concept code is publicly available.

CVE-2025-5151

MEDIUM

2025-05-25 [email protected]

4.8

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:43 vuln.today

PoC Detected

Jun 03, 2025 - 12:58 vuln.today

Public exploit code

CVE Published

May 25, 2025 - 17:15 nvd

MEDIUM 4.8

Description

A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. This affects the function execute_analysis_code_safely of the file introspect/backend/tools/analysis_tools.py. The manipulation of the argument code leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is named 502. It is recommended to apply a patch to fix this issue. The code maintainer explains, that "[they] have added some workarounds to address this in #502, but will not be implementing a full fix. This is because this repo is meant to be run in a docker environment, which will significantly mitigate potential security risks. Having said that, we have added a SECURITY section in our README to make this clearer to users."

Analysis

A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical Context

This vulnerability is classified under CWE-74. A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. This affects the function execute_analysis_code_safely of the file introspect/backend/tools/analysis_tools.py. The manipulation of the argument code leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is named 502. It is recommended to apply a patch to fix this issue. The code maintainer explains, that "[they] have added some workarounds to address this in #502, but will not be implementing a full fix. This is because this repo is meant to be run in a docker environment, which will significantly mitigate potential security risks. Having said that, we have added a SECURITY section in our README to make this clearer to users." Affected products include: Defog Introspect. Version information: up to 0.1.4..

Affected Products

Defog Introspect.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +24

POC: +20

CVE-2025-5151 vulnerability details – vuln.today

Back

CVE-2025-5151

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-5151

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code