CVE-2025-23197

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 27, 2025

CWE ID 754

Summary

CVE-2025-23197 is a Denial of Service (DoS) vulnerability affecting Matrix bot "matrix-hookshot" versions 6.0.1 and below, as well as 5.4.1 and below. With GitHub support enabled, these versions fail to perform a crucial check, leading to a potential crash upon restart. Malicious untrusted users could exploit this flaw to add their own GitHub organizations, potentially causing disruption to the bot's functionality. This issue is resolved in versions 6.0.2 and 5.4.2.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

El Paso Multi-Agency Tactical Response Information eXchange

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2cHmnn
https://www.cve.org/CVERecord?id=CVE-2025-23197
https://nvd.nist.gov/vuln/detail/CVE-2025-23197

Back to Vulnerability Database

CVE-2025-23197

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations