Home / Security updates / Customer Security Advisory: CVE-2025-55182 and CVE-2025-66478
Customer Security Advisory: CVE-2025-55182 and CVE-2025-66478
Security updates detail rendered from /security-updates/upd_48de82f9836a2bd1.
Overview
| ID | upd_48de82f9836a2bd1 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Dotmatics |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_48de82f9836a2bd1 |
| providerId | safebase |
| organizationId | org_40de91edc78a8062 |
| trustCenterId | tc_d7dd9172eacad6bc |
| title | Customer Security Advisory: CVE-2025-55182 and CVE-2025-66478 |
| message | **Date: 5 December 2025** Dotmatics is providing this update to inform our customers of our investigation and response to two notable and recently disclosed vulnerabilities in the JavaScript ecosystem: CVE-2025-55182 and CVE-2025-66478. **1. CVE-2025-55182 React Server Components** On 3 December 2025 at approximately 4:12 PM ET, we became aware of a publicly disclosed vulnerability affecting certain React server-side packages (CVE-2025-55182). Reference materials are available here: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components https://nvd.nist.gov/vuln/detail/CVE-2025-55182 Immediately upon becoming aware of this disclosure, we initiated an internal review to evaluate whether any products within our application portfolio incorporate the affected React server-side components. This review was completed at approximately 6:21 PM ET on 3 December 2025. Based on that assessment, no products within our portfolio were found to use the Re |
| url | - |
| publishedAt | 2025-12-15 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_40de91edc78a8062",
"name": "Dotmatics",
"domains": [
"trustcenter.dotmatics.com",
"dotmatics.com"
]
} |
| trust_center | {
"id": "tc_d7dd9172eacad6bc",
"name": "Dotmatics",
"url": "https://trustcenter.dotmatics.com",
"host": "trustcenter.dotmatics.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_48de82f9836a2bd1",
"company": "/v1/companies/org_40de91edc78a8062",
"trust_center": "/v1/trust-centers/tc_d7dd9172eacad6bc",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_48de82f9836a2bd1JSON