How severe is CVE-2025-4727?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2025-4727?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2025-4727

MEDIUM Year: 2025

CVSS v3 Score

3.7

Low

CVSS v2 Score

2.6

Low

Weakness Type

CWE-400

View all →

Vulnerability Description

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedata_server.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.2 is able to address this issue. The identifier of the patch is f7ea6817b90952baaea9baace2a3b4366fee6a63. It is recommended to upgrade the affected component.

CVE-2021-32823

LOW

CVSS:3.7(Low)

In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinDat...

CWE-4002021

CVE-2024-1410

LOW

CVSS:3.7(Low)

Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection poss...

CWE-4002024

CVE-2024-34079

LOW

CVSS:3.7(Low)

octo-sts is a GitHub App that acts like a Security Token Service (STS) for the Github API. This vulnerability can spike the resource utilization of the STS service, and combined with a significant tra...

CWE-4002024

CVE-2019-10162

LOW

CVSS:3.5(Low)

A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zon...

CWE-4002019

CVE-2025-20057

MEDIUM

CVSS:3.5(Low)

Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.

CWE-4002025

CVE-2025-20084

MEDIUM

CVSS:3.5(Low)

Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.

CWE-4002025

CVE-2025-4727

Vulnerability Description

Related Vulnerabilities

CVE-2021-32823

CVE-2024-1410

CVE-2024-34079

CVE-2019-10162

CVE-2025-20057

CVE-2025-20084