What is CVE-2025-58451?

### Overview A security review of the Cattown identified multiple weaknesses that could potentially impact its stability and security. ### Affected Versions - All versions below 1.0.2 ### Description of Vulnerabilities 1. CWE-1333: Inefficient Regular Expression Complexity The package used regular expressions with inefficient, potentially exponential worst-case complexity. This can cause excessive CPU usage due to excessive backtracking on crafted inputs, potentially leading to denial of service. 2. CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion) The package was vulnerable to resource exhaustion, where processing malicious inputs could cause high CPU or memory usage, potentially leading to denial of service. ### Impact - Trigger excessive CPU consumption leading to denial of service - Cause resource exhaustion affecting service availability - Bypass protection mechanisms causing unexpected or insecure behavior ### Resolution These vulnerabilities have been fixed in version 1.0.2 of the Cattown. Users are strongly encouraged to upgrade to this version to mitigate the risks. ### Recommendations - Upgrade to Cattown version 1.0.2 or later as soon as possible. - Review and restrict input sources if untrusted inputs are processed. ### Acknowledgments The issues were proactively identified through CodeQL static analysis.

What is the severity of CVE-2025-58451?

CVE-2025-58451 has a CVSS v3 score of 0, which is classified as Low severity.

Is there an exploit available for CVE-2025-58451?

No known public exploits are currently available for CVE-2025-58451.

Is there a patch available for CVE-2025-58451?

Yes, patches are available for CVE-2025-58451. Check the vendor advisories for update instructions.

CVE-2025-58451 - CVE Details, Severity, and Analysis

Severity Scores

CVSS v30.0

CVSS v20.0

Priority Score0.0

EPSS Score0.0

None

Exploitation LikelihoodMinimal

0.00%EPSS

Very low probability of exploitation

Monitor and patch as resources allow

0.00%

EPSS

0.0

CVSS

No

Exploit

Yes

Patch

Low Priority

no major risk factors

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

Overview

A security review of the Cattown identified multiple weaknesses that could potentially impact its stability and security.

Affected Versions

All versions below 1.0.2

Description of Vulnerabilities

CWE-1333: Inefficient Regular Expression Complexity The package used regular expressions with inefficient, potentially exponential worst-case complexity. This can cause excessive CPU usage due to excessive backtracking on crafted inputs, potentially leading to denial of service.
CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion) The package was vulnerable to resource exhaustion, where processing malicious inputs could cause high CPU or memory usage, potentially leading to denial of service.

Impact

Trigger excessive CPU consumption leading to denial of service
Cause resource exhaustion affecting service availability
Bypass protection mechanisms causing unexpected or insecure behavior

Resolution

These vulnerabilities have been fixed in version 1.0.2 of the Cattown. Users are strongly encouraged to upgrade to this version to mitigate the risks.

Recommendations

Upgrade to Cattown version 1.0.2 or later as soon as possible.
Review and restrict input sources if untrusted inputs are processed.

Acknowledgments

The issues were proactively identified through CodeQL static analysis.

CVSS v3 Breakdown

Attack Vector:-

Attack Complexity:-

Privileges Required:-

User Interaction:-

Scope:-

Confidentiality:-

Integrity:-

Availability:-

Patch References

Github.com Github.com