How to fix EUVD-2025-19555?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Is String Math affected by EUVD-2025-19555?

Organizations using string-math v1.2.2 face moderate risk from CVE-2025-45143 rated CVSS 7.0. Exploitation could compromise the security of affected deployments. Proof-of-concept code is publicly available, increasing the risk of exploitation.

EUVD-2025-19555

| CVE-2025-45143 HIGH

2025-06-30 [email protected]

GHSA-994j-5c83-r424

Denial Of Service String Math

7.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 01:25 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 01:25 euvd

EUVD-2025-19555

PoC Detected

Oct 18, 2025 - 01:41 vuln.today

Public exploit code

CVE Published

Jun 30, 2025 - 17:15 nvd

HIGH 7.0

DescriptionNVD

string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.

AnalysisAI

string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.

Technical ContextAI

A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users. This vulnerability is classified as Inefficient Regular Expression Complexity (ReDoS) (CWE-1333).

RemediationAI

Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.

EUVD-2025-19555 vulnerability details – vuln.today

Back

EUVD-2025-19555

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code