JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Grafana is an open-source visualization and analytics software. It allows you to query, visualize, alert on, and explore your metrics and time-series database (TSDB) data.

Grafana

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

CVE ID	Gravidade	Pontuação	Tecnologias	Nome do componente	Exploração do CISA KEV	Tem correção	Data de publicação
CVE-2025-55182	CRITICAL	10	JavaScript	react-server-dom-turbopack	Não	Sim	Dec 03, 2025
CVE-2025-66032	HIGH	8.7	JavaScript	@anthropic-ai/claude-code	Não	Sim	Dec 03, 2025
CVE-2025-66412	HIGH	8.5	JavaScript	@angular/compiler	Não	Sim	Dec 01, 2025
CVE-2025-66415	MEDIUM	6.9	JavaScript	@fastify/reply-from	Não	Sim	Dec 01, 2025
CVE-2025-66404	MEDIUM	6.4	JavaScript	mcp-server-kubernetes	Não	Sim	Dec 03, 2025

CVE-2025-66031:
JavaScript Análise e mitigação de vulnerabilidades

8.7

Relacionado JavaScript Vulnerabilidades:

Compare sua postura de segurança na nuvem

Recursos adicionais da Wiz

PEACH

Pronto para ver a Wiz em ação?

CVE-2025-66031: JavaScript Análise e mitigação de vulnerabilidades