QwikSec

Security Database

CVE

CWE

Training

CVE-2025-48058

Published: Jun 20, 2025

Modified: Jun 20, 2025

PUBLISHED

Description

PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.

Vendor	Product	Versions
powsybl	powsybl-core	affected `< 6.7.2`

Weaknesses (CWE)

References

https://github.com/powsybl/powsybl-core/security/advisories/GHSA-rqpx-f6rc-7hm5

x_refsource_CONFIRM

https://github.com/powsybl/powsybl-core/commit/72f79dec6d4292f892fbddd68a19c67935c7d81f

x_refsource_MISC

https://github.com/powsybl/powsybl-core/releases/tag/v6.7.2

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.