CVE-2025-6545: pbkdf2 returns predictable uninitialized/zero-filled memory for non-normalized or unimplemented algos
This affects both:
- Unsupported algos (e.g. sha3-256/sha3-512/sha512-256)
- Supported but non-normalized algos (e.g. Sha256/Sha512/SHA1/sha-1/sha-256/sha-512)
All of those work correctly in Node.js, but this polyfill silently returns highly predictable output.
Under Node.js (only with the pbkdf2/browser import, which is unlikely) and Bun (where the top-level pbkdf2 import is affected), the memory is not zero-filled but uninitialized, because Buffer.allocUnsafe is used.
Under browsers, it just returns zero-filled buffers (which is also critical: those are completely unacceptable as KDF output and ruin security).
References
- github.com/advisories/GHSA-h7cp-r72f-jxh6
- github.com/browserify/pbkdf2
- github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078
- github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb
- github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6
- nvd.nist.gov/vuln/detail/CVE-2025-6545