7 matches found
ROOT-APP-NPM-CVE-2025-25288 CVE-2025-25288 in @rootio/octokit__plugin-paginate-rest - Patched by Root
Root has patched CVE-2025-25288 in the @rootio/octokitplugin-paginate-rest package for Root:npm. Multiple fixed versions available...
CVE-2025-25288
A flaw was found in the plugin-paginate-rest Octokit plugin. When calling octokit.paginate.iterator, a specially crafted octokit instance with a malicious link parameter in the headers section of the request can trigger a regular expression denial-of-service ReDoS attack...
CVE-2025-25288 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, tileserver-gl, renovate, lerna, prism...
CVE-2025-25288 vulnerabilities
Vulnerabilities for packages: tileserver-gl, prism, lerna, renovate...
CVE-2025-25288 @octokit/plugin-paginate-rest has a Regular Expression in iterator that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator, a specially crafted octokit instance—particularly with a...
CVE-2025-25288
CVE-2025-25288 affects the npm package @octokit/plugin-paginate-rest (Octokit pagination plugin). For versions 1.0.0 up to but not including 11.4.1, calling octokit.paginate.iterator() can be triggered by a specially crafted octokit instance with a malicious link in the headers of the request, le...
CVE-2025-25288 @octokit/plugin-paginate-rest has a Regular Expression in iterator that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator, a specially crafted octokit instance—particularly with a...