What is the severity of CVE-2025-4215?

CVE-2025-4215 has been classified as problematic due to its potential to cause inefficient regular expression complexity.

How do I fix CVE-2025-4215?

To mitigate CVE-2025-4215, users should update uBlock Origin to a version newer than 1.63.3b16.

What software is affected by CVE-2025-4215?

CVE-2025-4215 affects uBlock Origin versions up to and including 1.63.3b16.

What is the cause of CVE-2025-4215?

CVE-2025-4215 is caused by inefficient regular expression complexity in the currentStateChanged function of the uBlock Origin UI.

Can CVE-2025-4215 be exploited remotely?

Yes, CVE-2025-4215 can potentially be exploited through crafted input to the affected UI component.

Vulnerability/
CVE-2025-4215

low

3.1

CWE

1333 400

2/5/2025

CVE-2025-4215: gorhill uBlock Origin UI 1p-filters.js currentStateChanged redos

First published: Fri May 02 2025(Updated: )

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.63.3b17 is able to address this issue. The patch is identified as eaedaf5b10d2f7857c6b77fbf7d4a80681d4d46c. It is recommended to upgrade the affected component.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
uBlock Origin	<1.63.3b16

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-4215?
CVE-2025-4215 has been classified as problematic due to its potential to cause inefficient regular expression complexity.
How do I fix CVE-2025-4215?
To mitigate CVE-2025-4215, users should update uBlock Origin to a version newer than 1.63.3b16.
What software is affected by CVE-2025-4215?
CVE-2025-4215 affects uBlock Origin versions up to and including 1.63.3b16.
What is the cause of CVE-2025-4215?
CVE-2025-4215 is caused by inefficient regular expression complexity in the currentStateChanged function of the uBlock Origin UI.
Can CVE-2025-4215 be exploited remotely?
Yes, CVE-2025-4215 can potentially be exploited through crafted input to the affected UI component.

collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/title
agent/type
agent/first-publish-date
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/severity
agent/source
agent/tags
agent/event
vendor/gorhill
canonical/ublock origin

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.