Lucene search
+L

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/03 2:10 p.m.25 views

Security Bulletin: IBM Security QRadar Analyst Workflow for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certa...

8.7CVSS10AI score0.03961EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/14 10:54 p.m.7 views

CVE-2025-25285

A flaw was found in the octokit/endpoint package for Node.js. In affected versions, the endpoint.parseoptions call can be triggered via specially-crafted options parameters, leading to a regular expression denial-of-service ReDoS attack. This causes the program to hang and results in high CPU...

5.3CVSS5.1AI score0.00605EPSS
Exploits0References6
NVD
NVD
added 2025/02/14 8:15 p.m.17 views

CVE-2025-25285

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...

5.3CVSS0.00605EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/02/14 8:15 p.m.11 views

CVE-2025-25285 vulnerabilities

Vulnerabilities for packages: renovate...

5.3CVSS7.2AI score0.00605EPSS
Exploits0
Chainguard
Chainguard
added 2025/02/14 8:15 p.m.16 views

CVE-2025-25285 vulnerabilities

Vulnerabilities for packages: renovate...

5.3CVSS7AI score0.00605EPSS
Exploits0
Circl
Circl
added 2025/02/14 7:34 p.m.9 views

CVE-2025-25285

creationtimestamp| type| source ---|---|--- 2025-02-14 19:34:33+00:00| seen| https://infosec.exchange/users/cve/statuses/114003913812916358 2025-02-14 20:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li5zfmw52y2n 2025-02-14 22:50:10+00:00| seen|...

5.3CVSS5.4AI score0.00605EPSS
Exploits0References4
OSV
OSV
added 2025/02/14 7:31 p.m.10 views

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...

5.3CVSS5.9AI score0.00605EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/14 7:31 p.m.25 views

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...

5.3CVSS0.00605EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/14 7:31 p.m.20 views

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...

5.3CVSS6.8AI score0.00605EPSS
Exploits0References3
Rows per page
Query Builder