UBUNTU-CVE-2022-25858
- Source
- https://ubuntu.com/security/CVE-2022-25858
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-25858.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-25858
- Upstream
- Published
- 2022-07-15T20:15:00Z
- Modified
- 2025-10-24T04:53:33Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.
- References
-
- https://ubuntu.com/security/CVE-2022-25858
- https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722
- https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012
- https://snyk.io/vuln/SNYK-JS-TERSER-2806366
- https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135
- https://www.cve.org/CVERecord?id=CVE-2022-25858
Affected packages
Ubuntu:20.04:LTS
node-terser
Ubuntu:22.04:LTS
node-terser
qt6-webengine
Package
- Name
- qt6-webengine
- Purl
- pkg:deb/ubuntu/qt6-webengine@6.2.4+dfsg-6ubuntu1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.2.2+dfsg-6ubuntu2
6.2.4+dfsg-1ubuntu1
6.2.4+dfsg-1ubuntu2
6.2.4+dfsg-6ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt6pdf6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6pdfquick6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6pdfwidgets6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webengine6-data",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webenginecore6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webenginecore6-bin",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webenginequick6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webenginequickdelegatesqml6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "libqt6webenginewidgets6",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qml6-module-qtquick-pdf",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qml6-module-qtwebengine",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qml6-module-qtwebengine-controlsdelegates",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qt6-image-formats-plugin-pdf",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qt6-pdf-dev",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qt6-webengine-dev",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qt6-webengine-dev-tools",
"binary_version": "6.2.4+dfsg-6ubuntu1"
},
{
"binary_name": "qt6-webengine-private-dev",
"binary_version": "6.2.4+dfsg-6ubuntu1"
}
]
}Ubuntu:24.04:LTS
node-terser
qt6-webengine
Package
- Name
- qt6-webengine
- Purl
- pkg:deb/ubuntu/qt6-webengine@6.4.2-final+dfsg-12ubuntu9?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.4.2-final+dfsg-11
6.4.2-final+dfsg-12
6.4.2-final+dfsg-12build1
6.4.2-final+dfsg-12ubuntu1
6.4.2-final+dfsg-12ubuntu7
6.4.2-final+dfsg-12ubuntu9
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt6pdf6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6pdfquick6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6pdfwidgets6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webengine6-data",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webenginecore6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webenginecore6-bin",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webenginequick6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webenginequickdelegatesqml6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "libqt6webenginewidgets6",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qml6-module-qtquick-pdf",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qml6-module-qtwebengine",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qml6-module-qtwebengine-controlsdelegates",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-image-formats-plugin-pdf",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-pdf-dev",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-dev",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-dev-tools",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-doc-dev",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-doc-html",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-examples",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
},
{
"binary_name": "qt6-webengine-private-dev",
"binary_version": "6.4.2-final+dfsg-12ubuntu9"
}
]
}Ubuntu:25.04
node-terser
qt6-webengine
Package
- Name
- qt6-webengine
- Purl
- pkg:deb/ubuntu/qt6-webengine@6.8.3+dfsg-0ubuntu1?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.6.2+dfsg-5ubuntu2
6.7.2+dfsg-5
6.7.2+dfsg-8
6.8.1+dfsg-0ubuntu1
6.8.2+dfsg-0ubuntu2
6.8.2+dfsg-3fakesync1
6.8.3+dfsg-0ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt6pdf6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6pdfquick6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6pdfwidgets6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6webengine6-data",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6webenginecore6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6webenginecore6-bin",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6webenginequick6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "libqt6webenginewidgets6",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qml6-module-qtquick-pdf",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qml6-module-qtwebengine",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qml6-module-qtwebengine-controlsdelegates",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-image-formats-plugin-pdf",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-pdf-dev",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-dev",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-dev-tools",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-doc-dev",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-doc-html",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-examples",
"binary_version": "6.8.3+dfsg-0ubuntu1"
},
{
"binary_name": "qt6-webengine-private-dev",
"binary_version": "6.8.3+dfsg-0ubuntu1"
}
]
}Ubuntu:25.10
node-terser
qt6-webengine
Package
- Name
- qt6-webengine
- Purl
- pkg:deb/ubuntu/qt6-webengine@6.9.2+dfsg-2?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt6pdf6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6pdfquick6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6pdfwidgets6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6webengine6-data",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6webenginecore6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6webenginecore6-bin",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6webenginequick6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "libqt6webenginewidgets6",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qml6-module-qtquick-pdf",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qml6-module-qtwebengine",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qml6-module-qtwebengine-controlsdelegates",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-image-formats-plugin-pdf",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-pdf-dev",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-pdf-private-dev",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-dev",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-dev-tools",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-doc-dev",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-doc-html",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-examples",
"binary_version": "6.9.2+dfsg-2"
},
{
"binary_name": "qt6-webengine-private-dev",
"binary_version": "6.9.2+dfsg-2"
}
]
}