Skip to main content
Version: latest

CVE-2022-25883

CVE Details

CVE-2022-25883

Last Update

9/25/24

NIST CVE Summary

Versions of the package server before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

Our Official Summary

The CVE reported in virtual cluster CAPI provider. Govulncheck reports it as non-impacting.

CVE Severity

7.5

Status

Ongoing

Affected Products & Versions

  • Palette VerteX 4.4.11

Revision History

  • 1.0 07/16/2024 Initial Publication
  • 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14
  • 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18