Medium severity4.3NVD Advisory· Published Jun 9, 2025· Updated Apr 29, 2026
CVE-2025-5895
CVE-2025-5895
Description
A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/metabase/metabase/commit/4454ebbdc7719016bf80ca0f34859ce5cee9f6b0nvdPatch
- github.com/metabase/metabase/pull/57011nvdExploitIssue TrackingPatch
- github.com/metabase/metabase/pull/57011nvdExploitIssue TrackingPatch
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.