{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T01:18:37.225","vulnerabilities":[{"cve":{"id":"CVE-2025-25288","sourceIdentifier":"security-advisories@github.com","published":"2025-02-14T20:15:34.737","lastModified":"2025-02-14T20:15:34.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"@octokit\/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package `@octokit\/plugin-paginate-rest`, when calling `octokit.paginate.iterator()`, a specially crafted `octokit` instance—particularly with a malicious `link` parameter in the `headers` section of the `request`—can trigger a ReDoS attack. Version 11.4.1 contains a fix for the issue."},{"lang":"es","value":"@octokit\/plugin-paginate-rest es el complemento de Octokit para paginar las respuestas de los endpoints de la API REST. En las versiones que comienzan con la 1.0.0 y anteriores a la 11.4.1 del paquete npm `@octokit\/plugin-paginate-rest`, al llamar a `octokit.paginate.iterator()`, una instancia de `octokit` especialmente manipulada (en particular, con un parámetro `link` malicioso en la sección `headers` de `request`) puede desencadenar un ataque ReDoS. La versión 11.4.1 contiene una solución para el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"references":[{"url":"https:\/\/github.com\/octokit\/plugin-paginate-rest.js\/blob\/main\/src\/iterator.ts","source":"security-advisories@github.com"},{"url":"https:\/\/github.com\/octokit\/plugin-paginate-rest.js\/commit\/bb6c4f945d8023902cf387391d2b2209261044ab","source":"security-advisories@github.com"},{"url":"https:\/\/github.com\/octokit\/plugin-paginate-rest.js\/security\/advisories\/GHSA-h5c3-5r3r-rr8q","source":"security-advisories@github.com"}]}}]}