{"vulnerability": "CVE-2025-2520", "sightings": [{"uuid": "8aa0c8a4-e8ac-4f9e-91b1-122c86b7a610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25200", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113992250696737741", "content": "", "creation_timestamp": "2025-02-12T18:08:28.753899Z"}, {"uuid": "3311a552-401b-4200-920f-4b7564f14079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25202", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwenfmpuu2d", "content": "", "creation_timestamp": "2025-02-11T19:15:44.268170Z"}, {"uuid": "95f3d1be-5b4a-40cc-89c4-1e4f06ba79a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25202", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwovyajyn26", "content": "", "creation_timestamp": "2025-02-11T22:19:31.167705Z"}, {"uuid": "8429a1b7-49b8-4a0e-8af1-d1e2d92c5ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25203", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113987706268933005", "content": "", "creation_timestamp": "2025-02-11T22:52:46.099641Z"}, {"uuid": "9d48e3ec-fbb0-45d5-9f8f-7ab59cbb1c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25203", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhws2x43zh2a", "content": "", "creation_timestamp": "2025-02-11T23:15:57.528505Z"}, {"uuid": "62e230ee-c09b-4523-b3a1-4a704521107d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25203", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113988162062994542", "content": "", "creation_timestamp": "2025-02-12T00:48:41.321082Z"}, {"uuid": "6e753ec8-2a0a-42b1-aefd-0e132f589a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25201", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyv4kjcns2h", "content": "", "creation_timestamp": "2025-02-12T19:15:51.914436Z"}, {"uuid": "e96ef1a9-36f0-4c27-aa86-73b7a38e84e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25205", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyv4n35zi2a", "content": "", "creation_timestamp": "2025-02-12T19:15:54.465496Z"}, {"uuid": "e916a1b1-6bad-419b-9dc1-6a90a31999a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25205", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113992880737800098", "content": "", "creation_timestamp": "2025-02-12T20:48:42.968088Z"}, {"uuid": "c926282f-9dfd-4d4f-bc89-cb172dc7bf25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25205", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhz3i7ptjq2z", "content": "", "creation_timestamp": "2025-02-12T21:09:45.739893Z"}, {"uuid": "067a658c-cf3e-47a5-891e-dd199dec459e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25200", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyrreespr2i", "content": "", "creation_timestamp": "2025-02-12T18:15:55.161369Z"}, {"uuid": "a6fa0d4e-43d8-416f-866e-1e67fdb05aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25201", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113992291260057149", "content": "", "creation_timestamp": "2025-02-12T18:18:47.525149Z"}, {"uuid": "d14e8727-2c4a-4d29-8edb-bac6eec46dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25205", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113992291274845967", "content": "", "creation_timestamp": "2025-02-12T18:18:47.772047Z"}, {"uuid": "66d51956-ca11-4f20-8a38-45eb32ce630f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25204", "type": "seen", "source": "https://gist.github.com/EbonJaeger/57b8e1cb7c1dcdeba8a87749135dce96", "content": "", "creation_timestamp": "2025-02-21T19:48:13.000000Z"}, {"uuid": "a51d6210-5c40-42ba-b8d3-5ff5c02f1a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25200", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114195295182774871", "content": "", "creation_timestamp": "2025-03-20T14:45:21.938796Z"}, {"uuid": "2b6d6ad3-335b-4185-ae0a-dc4631e5ae83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25204", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5pdo3wah2e", "content": "", "creation_timestamp": "2025-02-14T17:15:47.246992Z"}, {"uuid": "9a038102-9937-4d4d-9a5c-3b8a0d433962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25206", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5pdrcbmx2e", "content": "", "creation_timestamp": "2025-02-14T17:15:50.117324Z"}, {"uuid": "35275872-1f08-4311-9e22-cd2146aa2934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25204", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li5ud7we6b2z", "content": "", "creation_timestamp": "2025-02-14T18:45:07.263327Z"}, {"uuid": "ec0adfd6-7bd3-41f5-a0f7-752fd2cee083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25206", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li5udaknd222", "content": "", "creation_timestamp": "2025-02-14T18:45:10.928018Z"}, {"uuid": "ccd1711e-6ee0-4f15-a0d7-9abf9a61d5fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25206", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114003734174518298", "content": "", "creation_timestamp": "2025-02-14T18:48:53.259682Z"}, {"uuid": "0966b2eb-22e3-4f65-9242-b4b21ce18f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25207", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr5t2hazkg2a", "content": "", "creation_timestamp": "2025-06-09T07:08:57.223483Z"}, {"uuid": "8dd2e4ee-a937-4c22-90fc-c44281692fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25208", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr5tme4bfr2m", "content": "", "creation_timestamp": "2025-06-09T07:18:57.948237Z"}, {"uuid": "29323caf-d335-40c7-b58a-0f45fad44c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25206", "type": "seen", "source": "https://t.me/cvedetector/18129", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25206 - eLabFTW Privilege Escalation Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-25206 \nPublished : Feb. 14, 2025, 5:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T19:57:07.000000Z"}, {"uuid": "3770318b-0719-4d58-9028-5a4cd9c3cccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2520", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-205-03", "content": "", "creation_timestamp": "2025-07-24T10:00:00.000000Z"}, {"uuid": "a4dfaee1-1427-4f3c-bdc7-667a52d0a9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25202", "type": "seen", "source": "https://t.me/cvedetector/17734", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25202 - Ash Authentication Magic Link Token Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25202 \nPublished : Feb. 11, 2025, 7:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used the magic link strategy _or_ are manually revoking tokens are affected by revoked tokens being allowed to verify as valid. Unless one hase implemented any kind of custom token revocation feature in your application, then one will not be affected. The impact here for users using builtin functionality is that magic link tokens are reusable until they expire. With that said, magic link tokens are only valid for 10 minutes, so the surface area for abuse is extremely low here. The flaw is patched in version 4.4.9. Additionally a compile time warning is shown to users with remediation instructions if they upgrade. 4.4.9 ships with an upgrader, so those who use `mix igniter.upgrade ash_authentication` will have the necessary patch applied. Otherwise, one may run the upgrader manually as described in the error message. As a workaround, delete the generated `:revoked?` generic action in the token resource. This will cause it to use the one internal to Ash Authentication which has always been correct. Alternatively, manually make the changes that are included in the patch. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T21:33:23.000000Z"}, {"uuid": "c105fb0b-9e56-4b5c-b58f-c0034a3eac39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25203", "type": "seen", "source": "https://t.me/cvedetector/17776", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25203 - CtrlPanel Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25203 \nPublished : Feb. 11, 2025, 11:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` due to insufficient input validation on the `priority` field during ticket creation and unsafe rendering of this field in the moderator panel. Version 1.0 contains a patch for the issue. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T01:47:02.000000Z"}, {"uuid": "64aa0709-e7f7-4235-b0c5-02ca47296c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25202", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3934", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25202\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ### Impact\n\nApplications which have been bootstrapped by the new igniter installer (since AshAuthentication v4.1.0) and who have used the magic link strategy, password resets, confirmation, or are manually revoking tokens are affected by revoked tokens being allowed to verify as valid. If you did not use the new installer, then you are absolutely not affected.\n\nAdditionally, unless you have implemented any kind of custom token revocation feature in your application (in which case even cursory testing would have uncovered this issue), then you will not be significantly affected. \n\nThe impact here for users is as follows:\n\n  - For users using the magic link strategy, magic link tokens are reusable until they expire instead of being immediately revoked. By default magic link tokens are valid for 10 minutes.\n  - For users of password resets in the password strategy, password reset tokens are reusable until they expire instead of being immediately revoked. By default password reset tokens are valid for 3 days.\n  - For users of the confirmation add-on, confirmation tokens are reusable until they expire instead of being immediately revoked. By default password reset tokens are valid for 3 days.\n\n### Patches\n\nThe flaw is patched in version 4.4.9. Additionally a compile time warning is shown to users with remediation instructions if they upgrade. 4.4.9 ships with an upgrader, so if you use `mix igniter.upgrade ash_authentication` the necessary patch will be applied for you. Otherwise you can run the upgrader manually as described in the error message\n\n#### Example\n```elixir\n[warning] Warning while compiling Tunez.Accounts.Token:\n\nThe `:jti` and `:token` options to the `:revoked?` action must allow nil values and it must return a `:boolean`.\n\nThis was an error in our igniter installer previous to version 4.4.9, which allowed revoked tokens to be reused.\n\nTo fix this, run the following command in your shell:\n\n    mix ash_authentication.upgrade 4.4.8 4.4.9\n\nOr:\n\n  - remove `allow_nil?: false` from these action arguments, and\n  - ensure that the action returns `:boolean`.\n\n  like so:\n\n    action :revoked?, :boolean do\n      description \"Returns true if a revocation token is found for the provided token\"\n      argument :token, :string, sensitive?: true\n      argument :jti, :string, sensitive?: true\n\n      run AshAuthentication.TokenResource.IsRevoked\n    end\n```\n\n### Workarounds\n\nDelete the generated `:revoked?` generic action in your token resource This will cause it to use the one internal to AshAuthentication which has always been correct. Alternatively,  manually make the changes described above.\n\n### References\n\nSee the `#ash_authentication` channel on the Ash Discord.\n\ud83d\udccf Published: 2025-02-11T18:12:33Z\n\ud83d\udccf Modified: 2025-02-11T21:40:09Z\n\ud83d\udd17 References:\n1. https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-qrm9-f75w-hg4c\n2. https://nvd.nist.gov/vuln/detail/CVE-2025-25202\n3. https://github.com/team-alembic/ash_authentication/commit/2dee55252df26fe3d990ff1199397cdcf1bfea8a\n4. https://github.com/team-alembic/ash_authentication", "creation_timestamp": "2025-02-11T22:07:59.000000Z"}, {"uuid": "71255e68-ff4b-4a47-ae06-9a4f6423cccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25204", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6263", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25204\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: `gh` is GitHub\u2019s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit status when no attestations are present. This behavior is incorrect: When no attestations are present, `gh attestation verify` should return a non-zero exit status code, thereby signaling verification failure. An attacker can abuse this flaw to, for example, deploy malicious artifacts in any system that uses `gh attestation verify`'s exit codes to gatekeep deployments. Users are advised to update `gh` to patched version `v2.67.0` as soon as possible.\n\ud83d\udccf Published: 2025-02-14T16:38:29.038Z\n\ud83d\udccf Modified: 2025-03-03T19:13:28.888Z\n\ud83d\udd17 References:\n1. https://github.com/cli/cli/security/advisories/GHSA-fgw4-v983-mgp8\n2. https://github.com/cli/cli/issues/10418\n3. https://github.com/cli/cli/pull/10421", "creation_timestamp": "2025-03-03T19:30:58.000000Z"}, {"uuid": "47185e3f-58cf-4ae1-85f8-b8f9f335e694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25204", "type": "seen", "source": "https://t.me/cvedetector/18128", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25204 - GitHub gh Artifact Attestation Verification Exit Code Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25204 \nPublished : Feb. 14, 2025, 5:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : `gh` is GitHub\u2019s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit status when no attestations are present. This behavior is incorrect: When no attestations are present, `gh attestation verify` should return a non-zero exit status code, thereby signaling verification failure. An attacker can abuse this flaw to, for example, deploy malicious artifacts in any system that uses `gh attestation verify`'s exit codes to gatekeep deployments. Users are advised to update `gh` to patched version `v2.67.0` as soon as possible. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T19:57:03.000000Z"}, {"uuid": "ec3ad490-d70b-4e99-8b65-b2a6b4207d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25205", "type": "seen", "source": "https://t.me/cvedetector/17927", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25205 - Audiobookshelf Regex Pattern Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-25205 \nPublished : Feb. 12, 2025, 7:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings like \"/api/items/1/cover\" in a query parameter (?r=/api/items/1/cover) to partially bypass authentication or trigger server crashes under certain routes. This could lead to information disclosure of otherwise protected data and, in some cases, a complete denial of service (server crash) if downstream code expects an authenticated user object. Version 2.19.1 contains a patch for the issue. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T22:45:22.000000Z"}, {"uuid": "42f16fd4-9a68-49ae-809e-7ca25129dd7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25201", "type": "seen", "source": "https://t.me/cvedetector/17926", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25201 - Nitrokey 3 PIV Key Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-25201 \nPublished : Feb. 12, 2025, 7:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : Nitrokey 3 Firmware is the the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid keys for authentication of the admin key. This could lead to compromise of the integrity of the data stored in the application. An attacker without access to the proper administration key would be able to generate new keys and overwrite certificates. Such an attacker would not be able to read-out or extract existing private data, nor would they be able to gain access to cryptographic operations that would normally require PIN-based authentication. The issue is fixed in piv-authenticator 0.3.9, and in Nitrokey's firmware 1.8.1. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T22:45:21.000000Z"}, {"uuid": "33bb20f2-d00f-4fa2-b5a3-dc84aabb6773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25200", "type": "seen", "source": "https://t.me/cvedetector/17905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25200 - Koa HTTP Header Regular Expression Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25200 \nPublished : Feb. 12, 2025, 6:15 p.m. | 46\u00a0minutes ago \nDescription : Koa is expressive middleware for Node.js using ES2017 async functions. Prior to versions 0.21.2, 1.7.1, 2.15.4, and 3.0.0-alpha.3, Koa uses an evil regex to parse the `X-Forwarded-Proto` and `X-Forwarded-Host` HTTP headers. This can be exploited to carry out a Denial-of-Service attack. Versions 0.21.2, 1.7.1, 2.15.4, and 3.0.0-alpha.3 fix the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T20:13:59.000000Z"}]}