How severe is CVE-2025-4215?

This vulnerability has a severity rating of LOW with a CVSS score of 3.1 out of 10.

What type of vulnerability is CVE-2025-4215?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2025-4215 - LOW Severity | CVSS 3.1

Vulnerability Description

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.63.3b17 is able to address this issue. The patch is identified as eaedaf5b10d2f7857c6b77fbf7d4a80681d4d46c. It is recommended to upgrade the affected component.

Related Vulnerabilities

CVE-2024-21231

LOW

CVSS:3.1(Low)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exp...

CWE-4002024

CVE-2024-6501

LOW

CVSS:3.1(Low)

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP pack...

CWE-4002024

CVE-2025-5031

LOW

CVSS:3.1(Low)

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipu...

CWE-4002025

CVE-2024-6126

LOW

CVSS:3.2(Low)

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.

CWE-4002024

CVE-2016-1544

LOW

CVSS:3.3(Low)

nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).

CWE-4002016

CVE-2019-13232

LOW

CVSS:3.3(Low)

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.

CWE-4002019