CNNVD-202508-2338 Information

CNNVD ID

CNNVD-202508-2338

Related CVE

CVE-2025-9287

• CNNVD Published: 2025-08-20

Description (Chinese)

cipher-base是Browserify开源的一个加密流的抽象基类。 cipher-base 1.0.4及之前版本存在安全漏洞，该漏洞源于输入验证不当，可能导致输入数据被篡改。

Description (English)

Cipher-base is an abstract base for an encryption stream from Brownserify. There is a security loophole in the cipher-base 1.0.4 and earlier versions, which stems from inappropriate input validation and may lead to the manipulation of input data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Browserify

Published

2025-08-20

Last Modified

2026-02-24

References

https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc https://github.com/browserify/cipher-base/pull/23 https://nvd.nist.gov/vuln/detail/CVE-2025-9287 https://vigilance.fr/vulnerability/cipher-base-write-access-dated-27-08-2025-48065

Patch

https://github.com/browserify/cipher-base/tags