CVE-2025-6545
Severity CVSS v4.0:
CRITICAL
Type:
CWE-20
Input Validation
Publication date:
23/06/2025
Last modified:
23/06/2025
Description
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js.<br />
<br />
This issue affects pbkdf2: from 3.0.10 through 3.1.2.
Impact
Base Score 4.0
9.10
Severity 4.0
CRITICAL