{ "threat_severity" : "Moderate", "public_date" : "2025-04-25T00:18:16Z", "bugzilla" : { "description" : "react-router: React Router allows a DoS via cache poisoning by forcing SPA mode", "id" : "2362232", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2362232" }, "cvss3" : { "cvss3_base_score" : "5.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status" : "draft" }, "cwe" : "CWE-755", "details" : [ "React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the page. If a cache system is in place, this allows the response containing the error to be cached, resulting in a cache poisoning that strongly impacts the availability of the application. This issue has been patched in version 7.5.2.", "A flaw was found in the React Router. This vulnerability allows an attacker to trigger a rendering error via a crafted X-React-Router-SPA-Mode header, which can result in cache poisoning. If a caching system is in place, the corrupted error response may be cached and served to subsequent users, significantly impacting application availability." ], "statement" : "The severity of this vulnerability is rated Moderate, as it does not impact system availability. The effects are confined to the application layer, specifically involving data manipulation and potential cache poisoning, without compromising the underlying system stability.", "package_state" : [ { "product_name" : "Cryostat 3", "fix_state" : "Not affected", "package_name" : "io.cryostat-cryostat3", "cpe" : "cpe:/a:redhat:cryostat:3" }, { "product_name" : "Cryostat 4", "fix_state" : "Not affected", "package_name" : "io.cryostat-cryostat", "cpe" : "cpe:/a:redhat:cryostat:4" }, { "product_name" : "Network Observability Operator", "fix_state" : "Not affected", "package_name" : "network-observability/network-observability-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:network_observ_optr:1" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Not affected", "package_name" : "openshift-lightspeed-tech-preview/lightspeed-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-backstage-plugins-eventmesh-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-eda-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-gateway", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-hub", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3x-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Not affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apicurio Registry 2", "fix_state" : "Not affected", "package_name" : "io.apicurio-apicurio-registry", "cpe" : "cpe:/a:redhat:service_registry:2" }, { "product_name" : "Red Hat build of OptaPlanner 8", "fix_state" : "Not affected", "package_name" : "org.optaweb.vehiclerouting-optaweb-vehicle-routing", "cpe" : "cpe:/a:redhat:optaplanner:::el6" }, { "product_name" : "Red Hat Data Grid 8", "fix_state" : "Not affected", "package_name" : "org.infinispan-infinispan-console", "cpe" : "cpe:/a:redhat:jboss_data_grid:8" }, { "product_name" : "Red Hat Developer Hub", "fix_state" : "Not affected", "package_name" : "rhdh/rhdh-hub-rhel9", "cpe" : "cpe:/a:redhat:rhdh:1" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "dotnet5.0-build-reference-packages", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Not affected", "package_name" : "io.syndesis-syndesis-parent", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Not affected", "package_name" : "io.apicurio-apicurio-registry", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-dashboard-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-ml-pipelines-api-server-v2-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-ml-pipelines-driver-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-ml-pipelines-launcher-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-model-registry-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-monitoring-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-gateway-opa-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-gateway-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-jaeger-query-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-operator-bundle", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-query-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Not affected", "package_name" : "rhosdt/tempo-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "org.uberfire-uberfire-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-43864\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-43864\nhttps://github.com/remix-run/react-router/blob/e6c53a0130559b4a9bd47f9cf76ea5b08a69868a/packages/react-router/lib/server-runtime/server.ts#L407\nhttps://github.com/remix-run/react-router/commit/c84302972a152d851cf5dd859ff332b354b70111\nhttps://github.com/remix-run/react-router/security/advisories/GHSA-f46r-rw29-r322" ], "name" : "CVE-2025-43864", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }