Bug 2356710 (CVE-2025-31137) - CVE-2025-31137 react-router: Remix Host Header Spoofing Vulnerability
Summary: CVE-2025-31137 react-router: Remix Host Header Spoofing Vulnerability
Keywords:
Status: NEW
Alias: CVE-2025-31137
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2025-04-01 19:01 UTC by OSIDB Bzimport
Modified: 2025-06-30 08:27 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-04-01 19:01:40 UTC
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an incoming Request by putting a URL pathname in the port section of a URL that is part of a Host or X-Forwarded-Host header sent to a Remix/React Router request handler. This issue has been patched and released in Remix 2.16.3 and React Router 7.4.1.

