High severityNVD Advisory· Published Sep 30, 2025· Updated Oct 3, 2025
CVE-2025-56572
CVE-2025-56572
Description
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero() parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
financejsnpm | <= 4.1.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-5q7q-p8pc-782hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-56572ghsaADVISORY
- financejs.comghsaWEB
- medium.com/@nakah_/cve-2025-56571-and-cve-2025-56572-denial-of-service-vulnerabilities-in-finance-js-78f8b399f53bghsaWEB
- raw.githack.com/ebradyjobory/finance.js/6d571ea2a86d08491ceb584e292e9b76b0a60636/finance.jsghsaWEB
News mentions
0No linked articles in our index yet.