CVE-2025-48058 Information

Jun 21, 2025 cve

Description

PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2 there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl’s DataSource mechanism. If successfully exploited a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.

Reference

https://github.com/powsybl/powsybl-core/commit/72f79dec6d4292f892fbddd68a19c67935c7d81f https://github.com/powsybl/powsybl-core/releases/tag/v6.7.2 https://github.com/powsybl/powsybl-core/security/advisories/GHSA-rqpx-f6rc-7hm5

CNNVD-202506-2617 (Published: 2025-06-20)

Share on:

CVE-2025-48058 Information

Description

Reference

Related CNNVD