THREATINT
PUBLISHED

CVE-2025-31137

Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers



Description

React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. A vulnerability in Remix/React Router affects all Remix 2 and React Router 7 consumers using the Express adapter. It allows anyone to spoof the URL used in an incoming Request by putting a URL pathname in the port section of a URL that is part of a Host or X-Forwarded-Host header sent to a Remix/React Router request handler. The issue is patched in Remix 2.16.3 and React Router 7.4.1.
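One way to reject such header values before they are used to build a request URL, shown as an added example (this is not the Remix/React Router patch). The function names, the allow-list parameter and the sample header values are assumptions made for illustration.

```javascript
// Added example: strict parsing of Host / X-Forwarded-Host values.
// parseHostHeader and resolveOrigin are hypothetical helper names.

const LABEL = "[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?";
const HOSTNAME_RE = new RegExp(`^${LABEL}(?:\\.${LABEL})*$`);
const IPV6_RE = /^\[[0-9A-Fa-f:.]+\]$/;

// Returns { hostname, port } for a well-formed "host[:port]" value, else null.
function parseHostHeader(value) {
  if (typeof value !== "string" || value.length === 0 || value.length > 255) {
    return null;
  }
  // Group 1: bracketed IPv6 literal or everything before the first colon.
  // Group 2: whatever follows that colon (the claimed port section).
  const m = /^(\[[^\]]*\]|[^:]*)(?::(.*))?$/.exec(value);
  if (!m) return null;
  const hostname = m[1];
  let port = null;
  if (m[2] !== undefined) {
    // The port section must be digits only, so "/", "?", "#" and "@"
    // can never reach URL construction through it.
    if (!/^[0-9]{1,5}$/.test(m[2])) return null;
    port = Number(m[2]);
    if (port < 1 || port > 65535) return null;
  }
  if (!HOSTNAME_RE.test(hostname) && !IPV6_RE.test(hostname)) return null;
  return { hostname: hostname.toLowerCase(), port };
}

// Builds the origin for a request, or returns null when the header is
// malformed or names a host the deployment does not serve.
// Assumption: X-Forwarded-Host is only present because a trusted proxy set it.
function resolveOrigin(headers, protocol, allowedHosts) {
  const raw = headers["x-forwarded-host"] ?? headers["host"];
  const parsed = parseHostHeader(raw);
  if (!parsed || !allowedHosts.has(parsed.hostname)) return null;
  const authority =
    parsed.port === null ? parsed.hostname : `${parsed.hostname}:${parsed.port}`;
  return `${protocol}://${authority}`;
}

// Constructed sample values, not taken from the advisory.
const allowed = new Set(["app.example.com"]);
console.log(resolveOrigin({ host: "app.example.com:3000" }, "https", allowed));
console.log(resolveOrigin({ host: "app.example.com:/admin" }, "https", allowed));
```

A request that yields `null` should be answered with a 400 before it reaches the framework's request handler.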

Reserved 2025-03-26 | Published 2025-04-01 | Updated 2025-04-02 | Assigner GitHub_M


HIGH: 7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Product status

>= 7.0.0, < 7.4.1: affected

>= 2.11.1, < 2.16.3: affected

References

github.com/...router/security/advisories/GHSA-4q56-crqp-v477

cve.org (CVE-2025-31137)

nvd.nist.gov (CVE-2025-31137)
