CWE-179

Incorrect Behavior Order: Early Validation

1 CVEs Avg CVSS 5.5 MITRE

0

CRITICAL

0

HIGH

1

MEDIUM

0

LOW

1

POC

0

KEV

Monthly

CVE-2025-4759 MEDIUM POC PATCH This Month

Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Node.js Lockfile Lint Api

NVD GitHub

CVSS 4.0

5.5

EPSS

0.2%

CVE-2025-4759

EPSS 0% CVSS 5.5

MEDIUM POC PATCH This Month

Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Node.js Lockfile Lint Api

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy