Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/07/28 9:10 p.m.18 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale and the Management GUI are now included (CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864)

Summary The following vulnerabilities that can affect IBM Storage Scale and the Management GUI and could provide weaker than expected security are now fixed CVE-2025-48050, CVE-2025-43865 and CVE-2025-43864. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before...

8.2CVSS6.4AI score0.23628EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/25 11:50 a.m.6 views

CVE-2025-43865

A flaw was found in React Router. This vulnerability allows an attacker to spoof pre-rendered data and potentially poison the cache via the X-React-Router-Prerender-Data header, enabling arbitrary content injection on the target page. Mitigation Mitigation for this issue is either not available o...

6.5CVSS8AI score0.00737EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/25 12:18 a.m.6 views

CVE-2025-43865 React Router allows pre-render data spoofing on React-Router framework mode

React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values ​​of the data object passed to the HTML. This issue has bee...

8.2CVSS7AI score0.00737EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/25 12:18 a.m.41 views

CVE-2025-43865 React Router allows pre-render data spoofing on React-Router framework mode

React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values ​​of the data object passed to the HTML. This issue has bee...

8.2CVSS0.00737EPSS
Exploits0References3
CVE
CVE
added 2025/04/25 12:18 a.m.148 views

CVE-2025-43865

CVE-2025-43865 affects React Router on the 7.0 branch before 7.5.2. The issue allows an attacker to modify pre-rendered data by adding a header to the request, enabling complete spoofing of the data object passed to the HTML. The vulnerability is patched in version 7.5.2. IBM’s bulletin notes thi...

8.2CVSS8.1AI score0.00737EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/04/24 4:31 p.m.9 views

10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3358 more potentially affected by CVE-2025-43865 via react-router (>=7.0.0-pre.0 <=7.5.1)

react-router NPM version =7.0.0-pre.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-43865 Source advisory: OSV:GHSA-CPJ6-FHP6-MR6J...

8.2CVSS6.5AI score0.00737EPSS
Exploits0
Circl
Circl
added 2025/04/24 2:55 p.m.14 views

CVE-2025-43865

creationtimestamp| type| source ---|---|--- 2025-04-24 14:55:19+00:00| published-proof-of-concept| https://github.com/remix-run/react-router/security/advisories/GHSA-cpj6-fhp6-mr6j 2025-04-25 01:10:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13366 2025-04-25...

8.2CVSS6.6AI score0.00737EPSS
Exploits0References11
Rows per page
Query Builder