Home Packages KEV Critical Insights Jobs Pricing

Loading…

Data from OSV.dev, CISA KEV, and FIRST EPSS.Sync status GitHub

CVE-2025-23090 · VulnScope

CVE-2025-23090

Description

Rejected reason: This CVE record has been withdrawn due to a duplicate entry CVE-2025-23083.

How to fix CVE-2025-23090

To remediate CVE-2025-23090, upgrade the affected package to a fixed version below.

Bitnami/node—upgrade to 20.18.2 or later
Bitnami/node-min—upgrade to 20.18.2 or later

Is CVE-2025-23090 being exploited?

No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2025-23090.

Affected packages (2)

Bitnami/node>= 19.0.0, < 20.18.2, >= 21.0.0, < 22.13.1, >= 23.0.0, < 23.8.0
>= 19.0.0, < 20.18.2, >= 21.0.0, < 22.13.1, >= 23.0.0, < 23.8.0

References (2)

WEBhackerone.com/reports/2575105
WEBnvd.nist.gov/vuln/detail/CVE-2025-23090

Metadata

Published: 1/27/2025
Modified: 7/19/2025

Also known as:

BIT-node-2025-23090other
BIT-node-min-2025-23090other

Bitnami/node-min