CVE-2025-23166: The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the…

high7.5CVSS 3.0

AVNACLPRNUINSUCNINAH

The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary to remotely crash a Node.js runtime.

Affected

24 ranges

Vendor	Product	Version range	Fixed in
debian	nodejs	< nodejs 20.19.2+dfsg-1 (forky)	nodejs 20.19.2+dfsg-1 (forky)
nodejs	node	>= 10.0 < 10.*	10.*
nodejs	node	>= 11.0 < 11.*	11.*
nodejs	node	>= 12.0 < 12.*	12.*
nodejs	node	>= 13.0 < 13.*	13.*
nodejs	node	>= 14.0 < 14.*	14.*
nodejs	node	>= 15.0 < 15.*	15.*
nodejs	node	>= 16.0 < 16.*	16.*
nodejs	node	>= 17.0 < 17.*	17.*
nodejs	node	>= 18.0 < 18.*	18.*
nodejs	node	>= 19.0 < 19.*	19.*
nodejs	node	20.0 – 20.19.1	—
nodejs	node	>= 21.0 < 21.*	21.*
nodejs	node	22.0 – 22.15.0	—
nodejs	node	23.0 – 23.11.0	—
nodejs	node	24.0 – 24.0.1	—
nodejs	node	>= 4.0 < 4.*	4.*
nodejs	node	>= 5.0 < 5.*	5.*
nodejs	node	>= 6.0 < 6.*	6.*
nodejs	node	>= 7.0 < 7.*	7.*
nodejs	node	>= 8.0 < 8.*	8.*
nodejs	node	>= 9.0 < 9.*	9.*
nodejs	nodejs	>= 0 < 20.19.2+dfsg-1	20.19.2+dfsg-1
nodejs	nodejs	>= 0 < 20.19.2+dfsg-1	20.19.2+dfsg-1

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH