This page collects WhisperX intelligence signals tagged #CVE-2025-68458. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security vulnerability in the popular JavaScript module bundler, webpack, allows attackers to bypass configured resource restrictions and fetch code from unauthorized external servers. The flaw, tracked as CVE-2025-68458, is present when the experimental `experiments.buildHttp` feature is enabled. It exploit...
A security-critical update to webpack addresses a vulnerability that could allow attackers to bypass URL allow-lists and trigger server-side request forgery (SSRF) during build processes. The patch, released as webpack version 5.104.1, resolves CVE-2025-68458 (GHSA-8fgc-7cc6-rx7x), which affects the experimental `build...