CVE-2025-54590 | silverbucket webfinger.js up to 2.8.0 lookup host/path/port server-side request forgery (GHSA-8xq3-w9fx-74rv / EUVD-2025-23378)

A vulnerability, which was classified as critical, has been found in silverbucket webfinger.js up to 2.8.0. Affected by this issue is the function lookup. The manipulation of the argument host/path/port leads to server-side request forgery.

This vulnerability is handled as CVE-2025-54590. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More