{"api_version":"1","generated_at":"2026-07-04T09:33:39+00:00","cve":"CVE-2025-69873","urls":{"html":"https://cve.report/CVE-2025-69873","api":"https://cve.report/api/cve/CVE-2025-69873.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-69873","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-69873"},"summary":{"title":"CVE-2025-69873","description":"ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0.","state":"PUBLISHED","assigner":"mitre","published_at":"2026-02-11 19:15:50","updated_at":"2026-06-30 05:17:30"},"problem_types":["CWE-1333","CWE-400","CWE-1333 CWE-1333 Inefficient Regular Expression Complexity","CWE-400 CWE-400 Uncontrolled Resource Consumption","CWE-1333 Inefficient Regular Expression Complexity"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"ADP","type":"CVSS","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"cve@mitre.org","type":"Secondary","score":"2.9","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":2.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"2.9","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","data":{"baseScore":2.9,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"}}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:5807","name":"https://access.redhat.com/errata/RHSA-2026:5807","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:5910","name":"https://access.redhat.com/errata/RHSA-2026:5910","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:13512","name":"https://access.redhat.com/errata/RHSA-2026:13512","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:10093","name":"https://access.redhat.com/errata/RHSA-2026:10093","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:7314","name":"https://access.redhat.com/errata/RHSA-2026:7314","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439070","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2439070","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2025-69873","name":"https://access.redhat.com/security/cve/CVE-2025-69873","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/ajv-validator/ajv/releases/tag/v6.14.0","name":"https://github.com/ajv-validator/ajv/releases/tag/v6.14.0","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/ajv-validator/ajv/pull/2588","name":"https://github.com/ajv-validator/ajv/pull/2588","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69873.json","name":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69873.json","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:14774","name":"https://access.redhat.com/errata/RHSA-2026:14774","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6802","name":"https://access.redhat.com/errata/RHSA-2026:6802","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:5907","name":"https://access.redhat.com/errata/RHSA-2026:5907","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6568","name":"https://access.redhat.com/errata/RHSA-2026:6568","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:9742","name":"https://access.redhat.com/errata/RHSA-2026:9742","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md","name":"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:5168","name":"https://access.redhat.com/errata/RHSA-2026:5168","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:26214","name":"https://access.redhat.com/errata/RHSA-2026:26214","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:26211","name":"https://access.redhat.com/errata/RHSA-2026:26211","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6277","name":"https://access.redhat.com/errata/RHSA-2026:6277","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33371","name":"https://access.redhat.com/errata/RHSA-2026:33371","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:16874","name":"https://access.redhat.com/errata/RHSA-2026:16874","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:15091","name":"https://access.redhat.com/errata/RHSA-2026:15091","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6309","name":"https://access.redhat.com/errata/RHSA-2026:6309","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/ajv-validator/ajv/pull/2590","name":"https://github.com/ajv-validator/ajv/pull/2590","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6567","name":"https://access.redhat.com/errata/RHSA-2026:6567","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/advisories/GHSA-2g4f-4pwh-qvx6","name":"https://github.com/advisories/GHSA-2g4f-4pwh-qvx6","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6192","name":"https://access.redhat.com/errata/RHSA-2026:6192","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/github/advisory-database/pull/6991","name":"https://github.com/github/advisory-database/pull/6991","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:19712","name":"https://access.redhat.com/errata/RHSA-2026:19712","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6497","name":"https://access.redhat.com/errata/RHSA-2026:6497","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-69873","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69873","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"ajv.js","product":"ajv","version":"affected 6.14.0 semver","platforms":[]},{"source":"CNA","vendor":"ajv.js","product":"ajv","version":"affected 7.0.0 8.17.2 semver","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Network Observability (NETOBSERV) 1.11.2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Developer Hub 1.8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift AI 2.16","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift AI 3.3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.27","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Quay 3.14","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Quay 3.15","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Quay 3.16","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Quay 3.9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Satellite 6.18","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Confidential Compute Attestation","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Node HealthCheck Operator","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Pipelines","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Connectivity Link 1","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Data Grid 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Edge Manager 1","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Fuse 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift GitOps","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Single Sign-On 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"streams for Apache Kafka 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Cryostat 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Gatekeeper 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Network Observability Operator","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Service Mesh 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Service Mesh 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat AMQ Broker 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat build of OptaPlanner 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Directory Server 11","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Directory Server 12","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Directory Server 13","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Process Automation 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Satellite 6","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"streams for Apache Kafka 2","version":"","platforms":[]}],"timeline":[{"source":"ADP","time":"2026-02-11T19:01:32.953Z","lang":"en","value":"Reported to Red Hat."},{"source":"ADP","time":"2026-02-11T00:00:00.000Z","lang":"en","value":"Made public."}],"solutions":[{"source":"ADP","title":"","value":"RHSA-2026:33371: Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:9742: Red Hat Developer Hub 1.8","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6802: Red Hat Developer Hub 1.9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:5807: Red Hat OpenShift AI 2.16","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:19712: Red Hat OpenShift AI 3.3","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:5910: Red Hat OpenShift Container Platform 4.16","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:5907: Red Hat OpenShift Container Platform 4.17","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:10093: Red Hat OpenShift Container Platform 4.19","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:7314: Red Hat Quay 3.14","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6568: Red Hat Quay 3.15","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6497: Red Hat Quay 3.16","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6567: Red Hat Quay 3.16","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:5168: Red Hat Quay 3.9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:26214: Red Hat Satellite 6.18","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:26211: Red Hat Satellite 6.18","time":"","lang":"en"}],"workarounds":[{"source":"ADP","title":"","value":"To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.","time":"","lang":"en"}],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"69873","cve":"CVE-2025-69873","epss":"0.004920000","percentile":"0.386670000","score_date":"2026-07-03","updated_at":"2026-07-04 00:02:19"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2025-69873","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-02-12T15:13:03.482882Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-03T17:25:31.651Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"affected":[{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el8","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:network_observ_optr:1.11::el9"],"defaultStatus":"affected","product":"Network Observability (NETOBSERV) 1.11.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.6","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhdh:1.8::el9"],"defaultStatus":"affected","product":"Red Hat Developer Hub 1.8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhdh:1.9::el9"],"defaultStatus":"affected","product":"Red Hat Developer Hub 1.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai:2.16::el8"],"defaultStatus":"affected","product":"Red Hat OpenShift AI 2.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai:3.3::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift AI 3.3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.14::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.14","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.15::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.15","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.16::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.17::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.17","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.19::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.19","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3.27::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Dev Spaces 3.27","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.14::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.14","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.15::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.15","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.16::el9"],"defaultStatus":"affected","product":"Red Hat Quay 3.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.9::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:satellite:6.18::el9"],"defaultStatus":"affected","product":"Red Hat Satellite 6.18","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:confidential_compute_attestation:1"],"defaultStatus":"affected","product":"Confidential Compute Attestation","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:logging:5"],"defaultStatus":"affected","product":"Logging Subsystem for Red Hat OpenShift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:workload_availability_nhc:0"],"defaultStatus":"affected","product":"Node HealthCheck Operator","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_pipelines:1"],"defaultStatus":"affected","product":"OpenShift Pipelines","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"],"defaultStatus":"affected","product":"Red Hat 3scale API Management Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_registry:2"],"defaultStatus":"affected","product":"Red Hat build of Apicurio Registry 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:connectivity_link:1"],"defaultStatus":"affected","product":"Red Hat Connectivity Link 1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_data_grid:8"],"defaultStatus":"affected","product":"Red Hat Data Grid 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:edge_manager:1"],"defaultStatus":"affected","product":"Red Hat Edge Manager 1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux_ai:3"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_fuse:7"],"defaultStatus":"affected","product":"Red Hat Fuse 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_data_foundation:4"],"defaultStatus":"affected","product":"Red Hat Openshift Data Foundation 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3"],"defaultStatus":"affected","product":"Red Hat OpenShift Dev Spaces","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_gitops:1"],"defaultStatus":"affected","product":"Red Hat OpenShift GitOps","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"],"defaultStatus":"affected","product":"Red Hat Single Sign-On 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:amq_streams:3"],"defaultStatus":"affected","product":"streams for Apache Kafka 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el10","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"],"defaultStatus":"unaffected","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:cryostat:4"],"defaultStatus":"unaffected","product":"Cryostat 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:gatekeeper:3"],"defaultStatus":"unaffected","product":"Gatekeeper 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine"],"defaultStatus":"unaffected","product":"Multicluster Engine for Kubernetes","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:network_observ_optr:1"],"defaultStatus":"unaffected","product":"Network Observability Operator","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:2"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2"],"defaultStatus":"unaffected","product":"Red Hat Advanced Cluster Management for Kubernetes 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4"],"defaultStatus":"unaffected","product":"Red Hat Advanced Cluster Security 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:amq_broker:7"],"defaultStatus":"unaffected","product":"Red Hat AMQ Broker 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:apache_camel_hawtio:4"],"defaultStatus":"unaffected","product":"Red Hat build of Apache Camel - HawtIO 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:optaplanner:::el6"],"defaultStatus":"unaffected","product":"Red Hat build of OptaPlanner 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:directory_server:11"],"defaultStatus":"unaffected","product":"Red Hat Directory Server 11","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:directory_server:12"],"defaultStatus":"unaffected","product":"Red Hat Directory Server 12","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:directory_server:13"],"defaultStatus":"unaffected","product":"Red Hat Directory Server 13","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"],"defaultStatus":"unaffected","product":"Red Hat JBoss Enterprise Application Platform 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"],"defaultStatus":"unaffected","product":"Red Hat JBoss Enterprise Application Platform 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jbosseapxp"],"defaultStatus":"unaffected","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"unaffected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"],"defaultStatus":"unaffected","product":"Red Hat Process Automation 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:satellite:6"],"defaultStatus":"unaffected","product":"Red Hat Satellite 6","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:amq_streams:2"],"defaultStatus":"unaffected","product":"streams for Apache Kafka 2","vendor":"Red Hat"}],"datePublic":"2026-02-11T00:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1333","description":"Inefficient Regular Expression Complexity","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T03:15:35.561Z","orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2025-69873"},{"name":"RHBZ#2439070","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439070"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69873.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33371"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13512"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6277"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6309"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:9742"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6802"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5807"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:19712"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5910"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5907"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:10093"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:7314"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5168"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:26214"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:26211"}],"solutions":[{"lang":"en","value":"RHSA-2026:33371: Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server"},{"lang":"en","value":"RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"},{"lang":"en","value":"RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9"},{"lang":"en","value":"RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2"},{"lang":"en","value":"RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"},{"lang":"en","value":"RHSA-2026:9742: Red Hat Developer Hub 1.8"},{"lang":"en","value":"RHSA-2026:6802: Red Hat Developer Hub 1.9"},{"lang":"en","value":"RHSA-2026:5807: Red Hat OpenShift AI 2.16"},{"lang":"en","value":"RHSA-2026:19712: Red Hat OpenShift AI 3.3"},{"lang":"en","value":"RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14"},{"lang":"en","value":"RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15"},{"lang":"en","value":"RHSA-2026:5910: Red Hat OpenShift Container Platform 4.16"},{"lang":"en","value":"RHSA-2026:5907: Red Hat OpenShift Container Platform 4.17"},{"lang":"en","value":"RHSA-2026:10093: Red Hat OpenShift Container Platform 4.19"},{"lang":"en","value":"RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27"},{"lang":"en","value":"RHSA-2026:7314: Red Hat Quay 3.14"},{"lang":"en","value":"RHSA-2026:6568: Red Hat Quay 3.15"},{"lang":"en","value":"RHSA-2026:6497: Red Hat Quay 3.16"},{"lang":"en","value":"RHSA-2026:6567: Red Hat Quay 3.16"},{"lang":"en","value":"RHSA-2026:5168: Red Hat Quay 3.9"},{"lang":"en","value":"RHSA-2026:26214: Red Hat Satellite 6.18"},{"lang":"en","value":"RHSA-2026:26211: Red Hat Satellite 6.18"}],"timeline":[{"lang":"en","time":"2026-02-11T19:01:32.953Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-02-11T00:00:00.000Z","value":"Made public."}],"title":"ajv: ReDoS via $data reference","workarounds":[{"lang":"en","value":"To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"}}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"ajv","vendor":"ajv.js","versions":[{"lessThan":"6.14.0","status":"affected","version":"0","versionType":"semver"},{"lessThan":"8.17.2","status":"affected","version":"7.0.0","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:ajv.js:ajv:*:*:*:*:*:*:*:*","versionEndExcluding":"6.14.0","vulnerable":true},{"criteria":"cpe:2.3:a:ajv.js:ajv:*:*:*:*:*:*:*:*","versionEndExcluding":"8.17.2","versionStartIncluding":"7.0.0","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0."}],"metrics":[{"cvssV3_1":{"baseScore":2.9,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1333","description":"CWE-1333 Inefficient Regular Expression Complexity","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-02T20:22:25.698Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"url":"https://github.com/advisories/GHSA-2g4f-4pwh-qvx6"},{"url":"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"},{"url":"https://github.com/github/advisory-database/pull/6991"},{"url":"https://github.com/ajv-validator/ajv/pull/2588"},{"url":"https://github.com/ajv-validator/ajv/releases/tag/v6.14.0"},{"url":"https://github.com/ajv-validator/ajv/pull/2590"}],"x_generator":{"engine":"enrichogram 0.0.1"}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2025-69873","datePublished":"2026-02-11T00:00:00.000Z","dateReserved":"2026-01-09T00:00:00.000Z","dateUpdated":"2026-06-30T03:15:35.561Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-02-11 19:15:50","lastModifiedDate":"2026-06-30 05:17:30","problem_types":["CWE-1333","CWE-400","CWE-1333 CWE-1333 Inefficient Regular Expression Complexity","CWE-400 CWE-400 Uncontrolled Resource Consumption","CWE-1333 Inefficient Regular Expression Complexity"],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":2.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.4,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:13:03.482882Z","id":"CVE-2025-69873","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"69873","Ordinal":"1","Title":"CVE-2025-69873","CVE":"CVE-2025-69873","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"69873","Ordinal":"1","NoteData":"ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0.","Type":"Description","Title":"CVE-2025-69873"}]}}}