CVE-2018-25061

Name: CVE-2018-25061
Creator: NVD / NIST
Published: 2022-12-31T20:15:08.817+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 0.94%

Last modified Jun 17, 2026

CVE-2018-25061 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. EPSS estimates a 0.94% chance of exploitation in the next 30 days.

Description

A vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. Upgrading to version 0.1.6 is able to address this issue. The patch is named 9e0c38594432edfa64136fdf7bb651835e17c34f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217151.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.94%

56.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-1333

Affected Software

Vendor	Product	Versions
Rgb2hex Project	Rgb2hex	< 0.1.6

References

https://github.com/christian-bromann/rgb2hex/commit/9e0c38594432edfa64136fdf7bb651835e17c34fPatch
https://github.com/christian-bromann/rgb2hex/releases/tag/v0.1.6Release Notes
https://vuldb.com/?ctiid.217151Third Party Advisory
https://vuldb.com/?id.217151Third Party Advisory
https://github.com/christian-bromann/rgb2hex/commit/9e0c38594432edfa64136fdf7bb651835e17c34fPatch
https://github.com/christian-bromann/rgb2hex/releases/tag/v0.1.6Release Notes
https://vuldb.com/?ctiid.217151Third Party Advisory
https://vuldb.com/?id.217151Third Party Advisory

Timeline

Published: Dec 31, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-25061?

How severe is CVE-2018-25061?

CVE-2018-25061 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.94% probability of exploitation in the next 30 days.

How do I fix CVE-2018-25061?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-25061?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST