PT-2025-41615 · Cel-Rust · Cel-Rust
Howardjohn · Published 2025-10-10 · Updated 2025-10-15
CVE-2025-62162
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
cel-rust versions 0.10.0 through 0.11.3
Description
cel-rust is a Common Expression Language interpreter written in Rust. Parsing specific, malformed Common Expression Language (CEL) expressions can cause the parser to terminate unexpectedly. If used to evaluate untrusted expressions, such as user-supplied input received through an API, an attacker can send crafted input to trigger a denial of service (DoS).
Recommendations
Update to version 0.11.4 or later.
Exploit
Fix
DoS
RCE
Weakness Enumeration
Related Identifiers
Affected Products
Cel-Rust