Vulnerability Description
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2.
Related Weaknesses (CWE)
References
- https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a
- https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde
- https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6
FAQ
What is CVE-2025-6545?
CVE-2025-6545 is a documented vulnerability. Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: fr...
How severe is CVE-2025-6545?
CVSS scoring is not yet available for CVE-2025-6545. Check NVD for updates.
Is there a patch for CVE-2025-6545?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.