7 matches found
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale and the Management GUI are now included (CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864)
Summary The following vulnerabilities that can affect IBM Storage Scale and the Management GUI and could provide weaker than expected security are now fixed CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before...
CVE-2025-43865
A flaw was found in React Router. This vulnerability allows an attacker to spoof pre-rendered data and potentially poison the cache via the X-React-Router-Prerender-Data header, enabling arbitrary content injection on the target page. Mitigation Mitigation for this issue is either not available o...
CVE-2025-43865 React Router allows pre-render data spoofing on React-Router framework mode
React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values of the data object passed to the HTML. This issue has bee...
CVE-2025-43865 React Router allows pre-render data spoofing on React-Router framework mode
React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values of the data object passed to the HTML. This issue has bee...
CVE-2025-43865
CVE-2025-43865 affects React Router on the 7.0 branch before 7.5.2. The issue allows an attacker to modify pre-rendered data by adding a header to the request, enabling complete spoofing of the data object passed to the HTML. The vulnerability is patched in version 7.5.2. IBM’s bulletin notes thi...
10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3358 more potentially affected by CVE-2025-43865 via react-router (>=7.0.0-pre.0 <=7.5.1)
react-router NPM version =7.0.0-pre.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-43865 Source advisory: OSV:GHSA-CPJ6-FHP6-MR6J...
CVE-2025-43865
creationtimestamp| type| source ---|---|--- 2025-04-24 14:55:19+00:00| published-proof-of-concept| https://github.com/remix-run/react-router/security/advisories/GHSA-cpj6-fhp6-mr6j 2025-04-25 01:10:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13366 2025-04-25...