{"vulnerability": "CVE-2025-25289", "sightings": [{"uuid": "c976062d-f67d-4acc-9c0c-1875f892be0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25289", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114003936414922745", "content": "", "creation_timestamp": "2025-02-14T19:40:19.456843Z"}, {"uuid": "6c7c85f9-e35e-496f-b910-e1e5650acd5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25289", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5zfsd3ay2a", "content": "", "creation_timestamp": "2025-02-14T20:15:55.707510Z"}, {"uuid": "528532b1-25c7-4c83-a369-b2f0debd9dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25289", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li6bzn2box2y", "content": "", "creation_timestamp": "2025-02-14T22:50:13.025331Z"}, {"uuid": "920d2d52-6653-4d76-94ca-4b9d4ad18a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25289", "type": "seen", "source": "https://t.me/cvedetector/18143", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25289 - Octokit Regular Expression Denial of Service (ReDoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25289 \nPublished : Feb. 14, 2025, 8:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : @octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long sequence of spaces followed by a newline and \"@\", an attacker can exploit inefficient regular expression processing, leading to excessive resource consumption. This can significantly degrade server performance or cause a denial-of-service (DoS) condition, impacting availability. Version 6.1.7 contains a fix for the issue. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-15T00:08:42.000000Z"}]}