Metrics
Affected Vendors & Products
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | epss 
 | epss 
 | 
Fri, 11 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | epss 
 | epss 
 | 
Thu, 10 Jul 2025 16:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Metabase Metabase metabase | |
| CPEs | cpe:2.3:a:metabase:metabase:0.54.10:*:*:*:-:*:*:* | |
| Vendors & Products | Metabase Metabase metabase | 
Tue, 10 Jun 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 09 Jun 2025 20:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue. | |
| Title | Metabase dom.js parseDataUri redos | |
| Weaknesses | CWE-1333 CWE-400 | |
| References |  | 
 | 
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published: 2025-06-09T20:00:19.261Z
Updated: 2025-06-10T15:30:32.919Z
Reserved: 2025-06-09T06:47:00.425Z
Link: CVE-2025-5895
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-06-10T14:23:33.468Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-06-09T20:15:25.890
Modified: 2025-07-10T16:26:17.607
Link: CVE-2025-5895
 Redhat
                        Redhat
                    No data.