4 matches found
EUVD-2025-8133
Malicious code in bioql PyPI...
Denial Of Service (DoS)
@mozilla/readability is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing caused by specially crafted titles, allowing an attacker to cause a local denial of service...
0xkobold (>=0.5.0 <=0.8.0), @0xdwong/html-to-markdown (>=1.0.0 <=1.0.1) +346 more potentially affected by CVE-2025-2792 via @mozilla/readability (>=0.3.0 <=0.5.0)
@mozilla/readability NPM version =0.3.0, =0.5.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =0.2.0, =0.1.0, =0.1.5-alpha.0, =0.1.0, =1.7.0, =1.8.4 and more. Source CVEs: CVE-2025-2792. Source advisory: OSV:GHSA-3P6V-HRG8-8QJ7...
GHSA-3P6V-HRG8-8QJ7 @mozilla/readability Denial of Service through Regex
Specially crafted titles may have caused a regular expression to excessively backtrack and cause a local denial of service. Additional details are available at Bugzilla. Credit: DayShift...