Vulnerability Description
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.
Related Weaknesses (CWE)
References
- https://github.com/powsybl/powsybl-core/commit/72f79dec6d4292f892fbddd68a19c6793
- https://github.com/powsybl/powsybl-core/releases/tag/v6.7.2
- https://github.com/powsybl/powsybl-core/security/advisories/GHSA-rqpx-f6rc-7hm5
FAQ
What is CVE-2025-48058?
CVE-2025-48058 is a documented vulnerability. PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability...
How severe is CVE-2025-48058?
CVSS scoring is not yet available for CVE-2025-48058. Check NVD for updates.
Is there a patch for CVE-2025-48058?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.