{"id":"CVE-2025-59250","details":"Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network.","aliases":["GHSA-m494-w24q-6f7w"],"modified":"2026-05-19T09:15:53.618513Z","published":"2025-10-14T17:16:07.240Z","related":["CGA-cw49-xvqv-j776"],"references":[{"type":"ADVISORY","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59250"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/microsoft/mssql-jdbc","events":[{"introduced":"468a35abc49ee144a590079c10c32022a7a0247b"},{"fixed":"6ac9b9d667476b2776f78ea488c2b92cecfc92d3"},{"introduced":"eb88b7026edf217defcd8e6108f75dc3d6f86a1f"},{"fixed":"9641938c250ba9b88b0a12b441bae74fc4cec133"},{"introduced":"4a27a0d1081bb3f0e9bba6112576c49f1776358f"},{"fixed":"ffca76d554f490274cea950536465e58f1b40e4c"},{"introduced":"c235d35fa3148b24617359e2285a0bc6748076cb"},{"fixed":"c15c00d8da48db0a1490a440f4061c33561f265b"},{"introduced":"3cd946efe4e61446ba9ae073ecc0530746dee6a2"},{"fixed":"269a1965ce331a3b274f6313c6f97f53dec71049"},{"introduced":"0e97689f50f30c70dcfec89bcc89537ea622b8b5"},{"fixed":"5c9cd93f057de5322973b427583e8603a2bc0fc7"},{"introduced":"a0ea23a0de0ec314b9836664cd158c4a795174dc"},{"fixed":"34debbc9b19e5bace5f69e208b4b85e470d634ae"},{"introduced":"e1acc9ec2bbda59dbc45d17cb4090357ae456c3f"},{"fixed":"0535f4f17255eea2bad34b1274f8057c191b9f6d"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"10.2.0"},{"fixed":"10.2.4"},{"introduced":"11.2.0"},{"fixed":"11.2.4"},{"introduced":"12.2.0"},{"fixed":"12.2.1"},{"introduced":"12.4.0"},{"fixed":"12.4.3"},{"introduced":"12.6.0"},{"fixed":"12.6.5"},{"introduced":"12.8.0"},{"fixed":"12.8.2"},{"introduced":"12.10.0"},{"fixed":"12.10.2"},{"introduced":"13.2.0"},{"fixed":"13.2.1"}],"cpe":"cpe:2.3:a:microsoft:jdbc_driver_for_sql_server:*:*:*:*:*:*:*:*"}}],"versions":["v12.10.1","v12.6.4","v12.8.1","v13.2.0","v12.10.0","v12.6.3","v12.8.0","v12.6.2","v12.6.1","v12.2.0","v12.4.2","v12.6.0","v12.4.1","v12.4.0","v11.2.3","v10.2.3","v10.2.2","v11.2.2","v11.2.1","v10.2.1","v11.2.0","v10.2.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-59250.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}]}