8 matches found
ROOT-APP-NPM-CVE-2025-25289 CVE-2025-25289 in @rootio/octokit__request-error - Patched by Root
Root has patched CVE-2025-25289 in the @rootio/octokit__request-error package for Root:npm. Multiple fixed versions available...
EUVD-2025-4103
Malicious code in bioql PyPI...
CVE-2025-25289 @octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...
CVE-2025-25289 @octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...
CVE-2025-25289
CVE-2025-25289 describes a ReDoS vulnerability in the octokit request-error handling. Prior to v6.1.7, an authorization header containing a long sequence of spaces followed by a newline and “@” could cause exponential regular-expression processing, leading to high resource consumption and potenti...
CVE-2025-25289 @octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...
@zendeskgarden/scripts (>=2.1.0 <=2.4.3) potentially affected by CVE-2025-25289 via @octokit/request-error (>=6.1.1 <=6.1.4)
@octokit/request-error NPM version =6.1.1, =2.1.0, =2.4.3 Source cves: CVE-2025-25289 Source advisory: OSV:GHSA-XX4V-PRFH-6CGC...
PT-2025-7072
Name of the Vulnerable Software and Affected Versions: @octokit/request-error versions 1.0.0 through 6.1.6. Description: A Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...