CVE-2025-59288
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-11-21
Assigner: Microsoft Corporation
Description
Description
Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | playwright | to 1.55.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper verification of cryptographic signatures in GitHub, which allows an unauthorized attacker on an adjacent network to perform spoofing attacks.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could spoof communications or data, potentially leading to unauthorized actions or misinformation, especially if you rely on GitHub for secure code or data verification.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70