ГлавнаяУязвимости → CVE-2025-9288
9.1критическая

CVE-2025-9288

Описание

Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.

Затрагиваемое ПО
Browserify Sha.js
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Источники
https://github.com/browserify/sha.js/pull/78https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5https://www.cve.org/CVERecord?id=CVE-2025-9287https://lists.debian.org/debian-lts-announce/2025/09/msg00016.htmlhttps://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5