PT-2025-21583 · Meteor · Meteor
Dayshift · Published 2025-05-15 · Updated 2025-05-16 · CVE-2025-4727
CVSS v4.0: 6.3 (Medium)
| Vector | AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
Meteor versions up to 3.2.1
Description:
A vulnerability was found in the function Object.assign of the file packages/ddp-server/livedata_server.js. Object.assign is the call site named in the report; the flaw lies in how the argument forwardedFor (the value of the X-Forwarded-For request header) is processed. Manipulation of that argument leads to inefficient regular expression complexity (ReDoS): a crafted header value makes the regular expression applied to it backtrack excessively, which keeps the single-threaded Node.js event loop busy and degrades availability for every connected client. The attack may be initiated remotely and needs no privileges or user interaction; per the CVSS vector the attack complexity is high and the only rated impact is on availability (VA:L). Exploitation is known to be difficult.

Recommendations:
For versions up to 3.2.1, upgrade to version 3.2.2, which addresses this issue. Until the upgrade is applied, a temporary mitigation is to have the reverse proxy or load balancer in front of the application overwrite or strictly length-limit the X-Forwarded-For header before requests reach Meteor, so that the value the regular expression processes is no longer attacker-controlled. Restricting Object.assign itself does not remove the root cause, which is the regular expression applied to the header value.

Tags: Resource Exhaustion, DoS
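The advisory says the regular expression is driven by the X-Forwarded-For value but does not quote the pattern. The following added example is an editor's illustration, not Meteor's code and not its 3.2.2 fix: it uses a hypothetical whitespace-tolerant comma split, /\s*,\s*/, as a stand-in for that class of pattern, times it on a constructed header made of one address followed by thousands of spaces, and places a linear-time, length-capped parser beside it. The names parseForwardedForRegex, parseForwardedForSafe, hostileHeader, timeParser and the 1024-byte MAX_XFF_LENGTH are assumptions of the example.

```javascript
"use strict";
// Added example (not Meteor's code). Contrasts a regex-based X-Forwarded-For
// parser that backtracks superlinearly with a linear-time, length-capped one.

// ASSUMPTION: the advisory does not quote Meteor's pattern; this whitespace-
// tolerant comma split stands in for the kind of regex it describes.
const XFF_SPLIT_RE = /\s*,\s*/;

// Regex-based parser. In a backtracking engine (V8's default irregexp), for a
// value that ends in n whitespace characters with no comma, every start
// position greedily consumes the rest of the whitespace looking for ',' and
// then gives it back one character at a time: O(n^2) work for one header.
function parseForwardedForRegex(forwardedFor) {
  return forwardedFor.split(XFF_SPLIT_RE);
}

// Hardened parser: a literal-comma split plus trim is linear, and the length
// cap bounds the work before any parsing happens. 1024 is an assumption that
// comfortably fits a realistic proxy chain.
const MAX_XFF_LENGTH = 1024;

function parseForwardedForSafe(forwardedFor) {
  if (typeof forwardedFor !== "string") return [];
  if (forwardedFor.length > MAX_XFF_LENGTH) {
    throw new RangeError(`x-forwarded-for exceeds ${MAX_XFF_LENGTH} bytes`);
  }
  return forwardedFor
    .split(",")
    .map((addr) => addr.trim())
    .filter((addr) => addr.length > 0);
}

// Constructed hostile header: one documentation address followed by n spaces.
function hostileHeader(n) {
  return "203.0.113.7" + " ".repeat(n);
}

// Time one parser on hostileHeader(n). A RangeError from the length cap is
// reported as "rejected"; anything else is a real bug and is rethrown.
function timeParser(parser, n) {
  const header = hostileHeader(n);
  const t0 = performance.now();
  let result;
  try {
    result = { rejected: false, ips: parser(header) };
  } catch (err) {
    if (!(err instanceof RangeError)) throw err;
    result = { rejected: true, ips: [] };
  }
  result.ms = performance.now() - t0;
  return result;
}

// Demo: tripling n should roughly 9x the regex parser's time, while the safe
// parser refuses the oversized value in constant time.
for (const n of [5000, 15000]) {
  const slow = timeParser(parseForwardedForRegex, n);
  const safe = timeParser(parseForwardedForSafe, n);
  console.log(
    `n=${n}: regex ${slow.ms.toFixed(1)} ms, ` +
      `safe ${safe.rejected ? "rejected" : safe.ms.toFixed(1) + " ms"}`
  );
}
```

On benign input both parsers return the same address list, which is the property to check before swapping the regex out; the difference only shows on hostile input, where the capped parser rejects the header before any splitting occurs. A proxy-side length limit on the header achieves the same bound without touching application code.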
Affected Products: Meteor