9 matches found
Security Bulletin: IBM Security QRadar Analyst Workflow for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certa...
CVE-2025-25285
A flaw was found in the octokit/endpoint package for Node.js. In affected versions, the endpoint.parseoptions call can be triggered via specially-crafted options parameters, leading to a regular expression denial-of-service ReDoS attack. This causes the program to hang and results in high CPU...
CVE-2025-25285
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
CVE-2025-25285 vulnerabilities
Vulnerabilities for packages: renovate...
CVE-2025-25285 vulnerabilities
Vulnerabilities for packages: renovate...
CVE-2025-25285
creationtimestamp| type| source ---|---|--- 2025-02-14 19:34:33+00:00| seen| https://infosec.exchange/users/cve/statuses/114003913812916358 2025-02-14 20:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li5zfmw52y2n 2025-02-14 22:50:10+00:00| seen|...
CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...