A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely.
References
Link | Resource |
---|---|
https://github.com/vuejs/vue-cli/pull/7478 | Exploit Issue Tracking Patch |
https://vuldb.com/?ctiid.311669 | Permissions Required VDB Entry |
https://vuldb.com/?id.311669 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.585798 | Third Party Advisory VDB Entry |
https://github.com/vuejs/vue-cli/pull/7478 | Exploit Issue Tracking Patch |
Configurations
History
10 Jul 2025, 16:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Vuejs vue Cli
Vuejs |
|
References | () https://github.com/vuejs/vue-cli/pull/7478 - Exploit, Issue Tracking, Patch | |
References | () https://vuldb.com/?ctiid.311669 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.311669 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.585798 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:vuejs:vue_cli:*:*:*:*:*:*:*:* |
10 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/vuejs/vue-cli/pull/7478 - | |
Summary |
|
09 Jun 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-09 21:15
Updated : 2025-07-10 16:28
NVD link : CVE-2025-5897
Mitre link : CVE-2025-5897
CVE.ORG link : CVE-2025-5897
JSON object : View
Products Affected
vuejs
- vue_cli