4 matches found
3gtel-frontend-platform (=1.0.0), 40dev-tools (=2.0.0) +2536 more potentially affected by CVE-2025-25975 via parse-git-config (>=0.1.0 <=3.0.0)
parse-git-config NPM version =0.1.0, =1.0.2, =4.2.1, =11.0.1, =1.2.0, =0.1.0, =0.0.1, =0.2.1, =0.0.2, =0.0.2, =0.6.0, =0.1.0, =1.0.0, =1.0.3 and more Source cves: CVE-2025-25975 Source advisory: OSV:GHSA-8G77-54RH-46HX...
CVE-2025-25975
creationtimestamp| type| source ---|---|--- 2025-03-12 19:41:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7366 2025-03-12 22:53:43+00:00| seen| https://t.me/cvedetector/20167 2025-08-13 13:26:34+00:00| seen| MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868...
CVE-2025-25975
An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function...
CVE-2025-25975
CVE-2025-25975 affects the JavaScript library parse-git-config v3.0.0. The issue is information disclosure caused by improper handling of key expansion in the expandKeys function, leading to potential leakage of sensitive data. Multiple sources (including Veracode and Red Hat advisories) describe...