{"id":"AZL-66570","summary":"CVE-2025-9288 affecting package reaper 3.1.1-22","details":"Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.","modified":"2026-04-21T04:37:55.058450Z","published":"2025-08-20T22:15:30Z","upstream":["CVE-2025-9288"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9288"}],"affected":[{"package":{"name":"reaper","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/reaper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"3.1.1-22"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-66570.json"}}],"schema_version":"1.7.5"}