CVE-2025-8263

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8263
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

02 Aug 2025, 09:15

Type Values Removed Values Added
References
  • {'url': 'https://github.com/prettier/prettier/issues/17737', 'tags': ['Exploit', 'Issue Tracking'], 'source': 'cna@vuldb.com'}
  • {'url': 'https://github.com/prettier/prettier/issues/17737#issue-3238184068', 'tags': ['Exploit', 'Issue Tracking'], 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?ctiid.317851', 'tags': ['Permissions Required', 'VDB Entry'], 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?id.317851', 'tags': ['Third Party Advisory', 'VDB Entry'], 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?submit.617593', 'tags': ['Third Party Advisory', 'VDB Entry'], 'source': 'cna@vuldb.com'}
CPE cpe:2.3:a:prettier:prettier:*:*:*:*:*:*:*:*
Summary
  • (es) Se encontró una vulnerabilidad en Prettier hasta la versión 3.6.2. Se ha declarado problemática. Esta vulnerabilidad afecta a la función parseNestedCSS del archivo src/language-css/parser-postcss.js. La manipulación del nodo de argumento genera una complejidad ineficiente en las expresiones regulares. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado
Summary (en) A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected by this vulnerability is the function parseNestedCSS of the file src/language-css/parser-postcss.js. The manipulation of the argument node leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. (en) Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CWE CWE-1333
CWE-400
CVSS v2 : 4.0
v3 : 4.3 		v2 : unknown
v3 : unknown

31 Jul 2025, 19:17

Type Values Removed Values Added
References () https://github.com/prettier/prettier/issues/17737 - () https://github.com/prettier/prettier/issues/17737 - Exploit, Issue Tracking
References () https://github.com/prettier/prettier/issues/17737#issue-3238184068 - () https://github.com/prettier/prettier/issues/17737#issue-3238184068 - Exploit, Issue Tracking
References () https://vuldb.com/?ctiid.317851 - () https://vuldb.com/?ctiid.317851 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.317851 - () https://vuldb.com/?id.317851 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.617593 - () https://vuldb.com/?submit.617593 - Third Party Advisory, VDB Entry
CPE cpe:2.3:a:prettier:prettier:*:*:*:*:*:*:*:*
First Time Prettier prettier
Prettier

29 Jul 2025, 14:14

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad en Prettier hasta la versión 3.6.2. Se ha declarado problemática. Esta vulnerabilidad afecta a la función parseNestedCSS del archivo src/language-css/parser-postcss.js. La manipulación del nodo de argumento genera una complejidad ineficiente en las expresiones regulares. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado

28 Jul 2025, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-28 08:15

Updated : 2025-08-02 09:15

NVD link : CVE-2025-8263

Mitre link : CVE-2025-8263

CVE.ORG link : CVE-2025-8263

JSON object : View

Products Affected

No product.

CWE

No CWE.