[🐛 BUG]: CVE-2025-22871 #2166

Orrison · 2025-04-29T01:52:40Z

No duplicates 🥲.

I have searched for a similar issue in our bug tracker and didn't find any solutions.

What happened?

CVE-2025-22871 is present in the current version of the rr package triggering causing vulnerability and triggering a critical vuln in auditing reports.

Package like esbuild have updated to resolve this issue for reference: evanw/esbuild#4133

Version (rr --version)

2024.3.5

How to reproduce the issue?

The vulnerability is present at all times. No need to reproduce.

Relevant log output

The text was updated successfully, but these errors were encountered:

rustatian · 2025-05-01T16:11:01Z

Fixed in v2025.1

Orrison added B-bug Bug: bug, exception F-need-verification labels Apr 29, 2025

Orrison assigned rustatian Apr 29, 2025

Orrison mentioned this issue Apr 29, 2025

Update go to 1.24.2 #2167

Closed

6 tasks

rustatian added this to the v2025.1.0 milestone Apr 29, 2025

rustatian added this to Jira 😄 Apr 29, 2025

rustatian moved this to 🏗 In progress in Jira 😄 Apr 29, 2025

rustatian added A-other Area: other Y-high Priority: High and removed B-bug Bug: bug, exception labels Apr 29, 2025

rustatian mentioned this issue May 1, 2025

release: v2025.1.0 #2170

Merged

6 tasks

BrewTestBot mentioned this issue May 1, 2025

roadrunner 2025.1.0 Homebrew/homebrew-core#222113

Merged

rustatian closed this as completed May 1, 2025

github-project-automation bot moved this from 🏗 In progress to ✅ Done in Jira 😄 May 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[🐛 BUG]: CVE-2025-22871 #2166

[🐛 BUG]: CVE-2025-22871 #2166

Orrison commented Apr 29, 2025

rustatian commented May 1, 2025

Uh oh!

Uh oh!

[🐛 BUG]: CVE-2025-22871 #2166

[🐛 BUG]: CVE-2025-22871 #2166

Comments

Orrison commented Apr 29, 2025

No duplicates 🥲.

What happened?

Version (rr --version)

How to reproduce the issue?

Relevant log output

rustatian commented May 1, 2025

Uh oh!