CVE-2025-62162: 
Rust vulnerability analysis and mitigation

CVE-2025-62162 affects cel-rust, a Common Expression Language interpreter written in Rust. The vulnerability exists in versions 0.10.0 through 0.11.4 and was disclosed on October 10, 2025. The issue allows attackers to cause a denial of service by submitting malformed CEL expressions that trigger a parser panic, effectively terminating the process (GitHub Advisory).

The vulnerability stems from improper input validation in the cel-rust parser component. When processing certain malformed CEL expressions, the parser can enter an unreachable code path that results in a panic. The issue has been assigned a CVSS v3.1 base score of 7.5 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction (GitHub Advisory).

The vulnerability primarily affects availability, as successful exploitation results in a denial of service condition. When the crate is used to evaluate untrusted expressions, such as user-supplied input over an API, attackers can trigger process termination by sending specially crafted input (GitHub Advisory).

Users should upgrade to cel-rust version 0.11.4 or later, which contains the fix for this vulnerability. This can be done by updating the dependency in the Cargo.toml file to 'cel = "0.11.4"' (GitHub Advisory, GitHub Release).