CVE-2025-23166 | Node.js Async Cryptographic Operation SignTraits::DeriveBits denial of service

Inserito da Angelo Barbosa | Mag 15, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Node.js. This affects the function SignTraits::DeriveBits of the component Async Cryptographic Operation Handler. The manipulation leads to denial of service.

This vulnerability is uniquely identified as CVE-2025-23166. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23166 | Node.js Async Cryptographic Operation SignTraits::DeriveBits denial of service

Post correlati

CVE-2024-11186 | Arista CloudVision Portal up to 2024.3.0 improper authentication

CVE-2024-54156 | JetBrains YouTrack up to 2024.3.51866 prototype pollution

CVE-2023-47579 | Relyum RELY-PCIe 22.2.1 System Group Misconfiguration unknown vulnerability

CVE-2024-51525 | Huawei HarmonyOS 5.0.0 Clipboard Module access control