
9 matches found

NCSC
•added 2025/12/12 10:46 a.m.•10 views

Vulnerabilities fixed in React Server Components

Meta has fixed vulnerabilities in React Server Components for Parcel, Turbopack and Webpack, specifically in versions 19.0.2, 19.1.3 and 19.2.2. The vulnerabilities are related to insecure deserialization of HTTP request payloads, which can lead to Denial-of-Service attacks and server hangs. This...

CVSS 7.5 • AI score 7.2 • EPSS 0.65592
Exploits 13 • References 4
Tenable Nessus
•added 2025/12/12 12:0 a.m.•7 views

Node.js React Server Components Denial of Service (CVE-2025-67779)

Multiple Node.js React Server Components packages are affected by a denial of service vulnerability. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0.2, 19.1.3, 19.2.2 - react-server-dom-parcel 19.0.2, 19.1.3, 19.2.2 - react-server-dom-turbopack 19.0.2,...

CVSS 7.5 • AI score 6.2 • EPSS 0.1888
Exploits 3 • References 2
Vulnrichment
•added 2025/12/11 11:36 p.m.•7 views

CVE-2025-67779

It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads from HTTP requests...

CVSS 7.5 • AI score 6.4 • EPSS 0.1888
Exploits 3 • References 2
CVE
•added 2025/12/11 11:36 p.m.•29 views

CVE-2025-67779

CVE-2025-67779 describes a denial-of-service vulnerability in React Server Components caused by an incomplete fix for unsafe deserialization. The issue allows crafted HTTP payloads to Server Function endpoints to trigger an infinite loop, tying up CPU and potentially making the server unresponsiv...

CVSS 7.5 • AI score 6.4 • EPSS 0.1888
Exploits 3 • References 2 • Affected Software 1
EUVD
•added 2025/10/03 8:7 p.m.•6 views

EUVD-2025-5501

Malicious code in bioql PyPI...

CVSS 8.4 • AI score 6.6 • EPSS 0.00195
Exploits 0 • References 4
NVD
•added 2025/02/28 9:15 a.m.•8 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

CVSS 8.4 • EPSS 0.00195
Exploits 0 • References 3
Vulnrichment
•added 2025/02/28 8:25 a.m.•8 views

CVE-2025-1413 Dylib Hijacking in DaVinci Resolve

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

CVSS 8.4 • AI score 6.6 • EPSS 0.00195
Exploits 0 • References 3
Cvelist
•added 2025/02/28 8:25 a.m.•20 views

CVE-2025-1413 Dylib Hijacking in DaVinci Resolve

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

CVSS 8.4 • EPSS 0.00195
Exploits 0 • References 3
Positive Technologies
•added 2025/02/28 12:0 a.m.•4 views

PT-2025-9078 · Blackmagic Design · Davinci Resolve

Name of the Vulnerable Software and Affected Versions: DaVinci Resolve versions prior to 19.1.3 Description: The issue is related to incorrect file permissions in DaVinci Resolve on MacOS, which can lead to Dylib Hijacking. This inconsistency with standard macOS security practices allows for...

CVSS 8.4 • AI score 7.4 • EPSS 0.00195
Exploits 0 • References 9