Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0550
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Tenable. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus | Nessus versions antérieures à 10.9.0 | ||
| Tenable | Nessus | Nessus versions antérieures à 10.8.5 | ||
| Tenable | Security Center | Security Center version 6.4.0 sans les correctifs de sécurité SC-202505.1 et SC-202506.1 | ||
| Tenable | Security Center | Security Center version 6.4.5 sans les correctifs de sécurité SC-202505.1 et SC-202506.1 | ||
| Tenable | Security Center | Security Center version 6.5.1 sans les correctifs de sécurité SC-202505.1 et SC-202506.1 | ||
| Tenable | Security Center | Security Center versions antérieures à 6.6.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.9.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.8.5",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": " Security Center version 6.4.0 sans les correctifs de s\u00e9curit\u00e9 SC-202505.1 et SC-202506.1",
"product": {
"name": "Security Center",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": " Security Center version 6.4.5 sans les correctifs de s\u00e9curit\u00e9 SC-202505.1 et SC-202506.1",
"product": {
"name": "Security Center",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": " Security Center version 6.5.1 sans les correctifs de s\u00e9curit\u00e9 SC-202505.1 et SC-202506.1",
"product": {
"name": "Security Center",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Security Center versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "Security Center",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-36630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36630"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
}
],
"initial_release_date": "2025-07-01T00:00:00",
"last_revision_date": "2025-07-01T00:00:00",
"links": [
{
"title": "Avis CERT-FR CERTFR-2025-AVI-0374 du 07 mai 2025",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0374/"
}
],
"reference": "CERTFR-2025-AVI-0550",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Tenable. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Tenable",
"vendor_advisories": [
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-12",
"url": "https://www.tenable.com/security/tns-2025-12"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-13",
"url": "https://www.tenable.com/security/tns-2025-13"
}
]
}
CVE-2025-24855 (GCVE-0-2025-24855)
Vulnerability from cvelistv5
Published
2025-03-14 00:00
Modified
2025-08-02 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-02T03:55:44.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libxslt",
"vendor": "xmlsoft",
"versions": [
{
"lessThan": "1.1.43",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T01:12:30.912Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/128"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-24855",
"datePublished": "2025-03-14T00:00:00.000Z",
"dateReserved": "2025-01-26T00:00:00.000Z",
"dateUpdated": "2025-08-02T03:55:44.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36630 (GCVE-0-2025-36630)
Vulnerability from cvelistv5
Published
2025-07-01 23:11
Modified
2025-07-02 13:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T13:02:56.549267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T13:24:24.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Nessus",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.8.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rishad Sheikh - CVE-2025-36630"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege."
}
],
"value": "In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T23:11:13.818Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2025-13"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Tenable has released Nessus 10.8.5 and Nessus 10.9.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/nessus\"\u003ehttps://www.tenable.com/downloads/nessus\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Tenable has released Nessus 10.8.5 and Nessus 10.9.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/nessus"
}
],
"source": {
"advisory": "https://www.tenable.com/security/tns-2025-13",
"discovery": "UNKNOWN"
},
"title": "Local Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2025-36630",
"datePublished": "2025-07-01T23:11:13.818Z",
"dateReserved": "2025-04-15T21:50:46.277Z",
"dateUpdated": "2025-07-02T13:24:24.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3277 (GCVE-0-2025-3277)
Vulnerability from cvelistv5
Published
2025-04-14 16:50
Modified
2025-05-27 14:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T17:15:26.733637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T18:07:24.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "sqlite",
"vendor": "SQLite",
"versions": [
{
"status": "affected",
"version": "\u003c 3.49.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u738b\u8dc3\u6797 (Yuelin Wang)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An integer overflow can be triggered in SQLite\u2019s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An integer overflow can be triggered in SQLite\u2019s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-47",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-47 Buffer Overflow via Parameter Expansion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T14:42:04.019Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://sqlite.org/src/info/498e3f1cf57f164f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2025-3277",
"datePublished": "2025-04-14T16:50:48.902Z",
"dateReserved": "2025-04-04T14:24:39.857Z",
"dateUpdated": "2025-05-27T14:42:04.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6021 (GCVE-0-2025-6021)
Vulnerability from cvelistv5
Published
2025-06-12 12:49
Modified
2025-10-08 15:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6021",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:41:19.578427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:46:43.637Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.gnome.org/GNOME/libxml2/",
"defaultStatus": "unaffected",
"packageName": "libxml2",
"versions": [
{
"lessThan": "2.14.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.0"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.12.5-7.el10_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.1-6.el7_9.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-21.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-21.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/o:redhat:rhel_aus:8.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_2.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_4.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_4.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-16.el8_8.9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-16.el8_8.9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos",
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-1.el9_0.5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream",
"cpe:/o:redhat:rhel_e4s:9.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-3.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9",
"cpe:/a:redhat:openshift:4.14::el8"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202508041909-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202508050040-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "418.94.202508060022-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "discovery/discovery-server-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:insights_proxy:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "insights-proxy/insights-proxy-container-rhel9",
"product": "Red Hat Insights proxy 1.5",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_core_services:1"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat JBoss Core Services",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Ahmed Lekssays for reporting this issue."
}
],
"datePublic": "2025-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T15:49:24.373Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:10630",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"name": "RHSA-2025:10698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"name": "RHSA-2025:10699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"name": "RHSA-2025:11580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"name": "RHSA-2025:12098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"name": "RHSA-2025:12099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"name": "RHSA-2025:12199",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"name": "RHSA-2025:12237",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"name": "RHSA-2025:12239",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"name": "RHSA-2025:12240",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"name": "RHSA-2025:12241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"name": "RHSA-2025:13267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"name": "RHSA-2025:13289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13289"
},
{
"name": "RHSA-2025:13325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13325"
},
{
"name": "RHSA-2025:13335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"name": "RHSA-2025:13336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13336"
},
{
"name": "RHSA-2025:14059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14059"
},
{
"name": "RHSA-2025:14396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14396"
},
{
"name": "RHSA-2025:15308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15308"
},
{
"name": "RHSA-2025:15672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15672"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"name": "RHBZ#2372406",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-12T07:55:45.428000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-06-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code."
}
],
"x_redhatCweChain": "(CWE-190|CWE-121): Integer Overflow or Wraparound or Stack-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-6021",
"datePublished": "2025-06-12T12:49:16.157Z",
"dateReserved": "2025-06-12T05:52:54.211Z",
"dateUpdated": "2025-10-08T15:49:24.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-29087 (GCVE-0-2025-29087)
Vulnerability from cvelistv5
Published
2025-04-07 00:00
Modified
2025-04-15 15:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-29087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:27:16.707351Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T15:14:39.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SQLite",
"vendor": "SQLite",
"versions": [
{
"lessThan": "3.49.1",
"status": "affected",
"version": "3.44.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.49.1",
"versionStartIncluding": "3.44.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T13:34:42.160Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.sqlite.org/cves.html"
},
{
"url": "https://gist.github.com/ylwango613/a44a29f1ef074fa783e29f04a0afd62a"
},
{
"url": "https://sqlite.org/releaselog/3_49_1.html"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-29087",
"datePublished": "2025-04-07T00:00:00.000Z",
"dateReserved": "2025-03-11T00:00:00.000Z",
"dateUpdated": "2025-04-15T15:14:39.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25927 (GCVE-0-2022-25927)
Vulnerability from cvelistv5
Published
2023-01-25 05:00
Modified
2025-04-01 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1333 - Regular Expression Denial of Service (ReDoS)
Summary
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ua-parser-js |
Version: 0.7.30 ≤ Version: 0.8.1 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25927",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-01T18:27:15.804522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-01T18:28:37.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ua-parser-js",
"vendor": "n/a",
"versions": [
{
"lessThan": "0.7.33",
"status": "affected",
"version": "0.7.30",
"versionType": "semver"
},
{
"lessThan": "1.0.33",
"status": "affected",
"version": "0.8.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Beau Harder"
}
],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.\r\r"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Regular Expression Denial of Service (ReDoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-25T05:00:00.897Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450"
},
{
"url": "https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25927",
"datePublished": "2023-01-25T05:00:00.897Z",
"dateReserved": "2022-02-24T11:58:25.175Z",
"dateUpdated": "2025-04-01T18:28:37.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…