CVE-2025-7074
BaseFortify

Publication date: 2025-07-05

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the function expand/braceExpand/ignoreMap of the file hyper/bin/rimraf-standalone.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-07-05
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Vendor: vercel
Product: hyper
Version / Range: up to 3.4.1 (inclusive)
CWE
CWE-1333: The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
CWE-400: The product does not properly control the allocation and maintenance of a limited resource.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7074 is a Regular Expression Denial of Service (ReDoS) vulnerability found in the vercel hyper software, specifically in the rimraf-standalone.js script. The issue arises from inefficient regular expressions used in functions like expand, braceExpand, and ignoreMap that parse glob patterns and comments. These regex patterns use greedy quantifiers that cause catastrophic backtracking when processing specially crafted malicious input strings, leading to excessive CPU consumption and denial of service. Attackers can exploit this remotely by sending malicious input that triggers the inefficient regex, causing the application to hang or become unresponsive. [1, 2, 3]


How can this vulnerability impact me?

This vulnerability can impact you by allowing remote attackers to cause a denial of service condition on your system running the affected vercel hyper versions. The inefficient regular expressions can be triggered to consume excessive CPU resources, potentially making the application or system unresponsive or unavailable. This can disrupt normal operations, degrade performance, and cause downtime until the affected process is restarted or mitigated. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unusually high CPU usage or denial of service symptoms when processing inputs that trigger the vulnerable regular expressions in the rimraf-standalone.js script. Detection can also involve testing with proof-of-concept attack strings such as very long sequences of commas, braces, or /** patterns that cause catastrophic backtracking. Specific commands are not provided, but one could use system monitoring tools (e.g., top, htop) to observe CPU spikes during such tests or run scripts that input the attack strings to the vulnerable application to observe its behavior. [1, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include refactoring the vulnerable regular expressions in the rimraf-standalone.js file to use tempered greedy tokens and atomic grouping techniques as proposed: replacing greedy quantifiers like .* with negative lookaheads to prevent catastrophic backtracking. If modifying the code is not feasible, consider replacing the affected component with an alternative product. Monitoring and limiting input sizes or filtering malicious input patterns may also help reduce risk until a fix is applied. [1, 2, 3]
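The detection and mitigation answers above describe the defect abstractly: a greedy quantifier that can consume separators, a long run of commas as the trigger, and a rewrite with negative lookaheads as the fix. The following is an added JavaScript example, not code from hyper or from rimraf-standalone.js (whose actual patterns this page does not reproduce). It places a constructed regex with the same CWE-1333 defect next to its tempered-greedy-token rewrite, probes both with the long-sequence-of-commas input the detection answer mentions, and adds a size cap as defence in depth. Every pattern, input and the MAX_LIST_LENGTH value are assumptions of this example; `performance.now()` is the Node.js global.

```javascript
'use strict';
// Added illustration (not code from hyper or rimraf-standalone.js): a regex
// with the CWE-1333 defect, its tempered-greedy-token rewrite, and a timing
// probe. Every pattern and input below is constructed for this example.

// VULNERABLE (constructed): validates "entries, each terminated by a comma".
// The greedy .* can swallow commas, so every comma may either end an
// iteration or be absorbed into one. When the string ends with a character
// the pattern cannot accept, the engine tries all 2^(n-1) ways to split
// n commas before giving up: catastrophic backtracking.
const LIST_VULNERABLE = /^(.*,)*$/;

// HARDENED (constructed): the tempered greedy token (?:(?!,).)* consumes only
// characters that are not a comma, so each comma has exactly one owner and a
// non-matching input is rejected in O(n). The accepted language is unchanged:
// the empty string, or any newline-free string ending in a comma.
const LIST_HARDENED = /^(?:(?:(?!,).)*,)*$/;

// Constructed probe input: n commas followed by a character that never matches.
function probe(n) {
  return ','.repeat(n) + 'x';
}

// Wall-clock cost of a single test() call, in milliseconds.
function measureMs(re, input) {
  const start = performance.now();
  re.test(input);
  return performance.now() - start;
}

// Defence in depth for untrusted input: cap the size before any regex runs.
// A cap alone is not a fix (an exponential pattern is already unusable at a
// few dozen commas), but combined with the linear rewrite it bounds the
// worst-case cost of one validation call.
const MAX_LIST_LENGTH = 10000; // assumed limit for this example
function validateList(input) {
  if (typeof input !== 'string' || input.length > MAX_LIST_LENGTH) {
    return false;
  }
  return LIST_HARDENED.test(input);
}

// Demo: the vulnerable pattern roughly quadruples in cost for every two extra
// commas; the hardened one stays flat and handles a far larger input.
function demo() {
  for (const n of [14, 16, 18, 20, 22]) {
    const input = probe(n);
    console.log(
      `n=${n}  vulnerable=${measureMs(LIST_VULNERABLE, input).toFixed(1)}ms` +
      `  hardened=${measureMs(LIST_HARDENED, input).toFixed(3)}ms`
    );
  }
  console.log(
    `n=100000  hardened=${measureMs(LIST_HARDENED, probe(100000)).toFixed(1)}ms`
  );
}

if (typeof require !== 'undefined' && require.main === module) {
  demo();
}
```

Run it with `node redos-example.js` (any file name) to see the growth curve. The same principle applies whatever the concrete pattern is: a regex is safe from catastrophic backtracking when every character of the input has only one way to be consumed, which is what tempered greedy tokens, atomic groups and possessive quantifiers all enforce, and an input size cap is worth keeping in front of any regex that processes remote data.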

