← back
CVE-2025-45143

CVE-2025-45143

CVSS 7 HIGHEPSS 0.4%CWE-1333
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
30 Jun 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gist.github.com/6en6ar/361608bccedb808061359481fe2f1b39https://github.com/devrafalko/string-math/blob/master/string-math.jshttps://www.npmjs.com/package/string-math%2C