CVE-2018-1109

Опубликовано: 30 мар. 2021

Источник: debian

Описание

A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
node-braces	not-affected			package

Примечания

https://snyk.io/vuln/npm:braces:20180219
Introduced by: https://github.com/micromatch/braces/commit/dcc1acab4de9a43e86ab4be4acde209ff1dca113 (2.2.0)
Fixed by: https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451 (2.3.1)
Cf. analysis in https://bugs.debian.org/927716#38

Связанные уязвимости

CVE-2018-1109

CVSS3: 5.3

ubuntu

почти 5 лет назад

A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

CVE-2018-1109

CVSS3: 4

redhat

почти 8 лет назад

A vulnerability was found in Braces versions prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

CVE-2018-1109

CVSS3: 5.3

nvd

почти 5 лет назад

A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

GHSA-cwfw-4gq5-mrqx

github

около 4 лет назад

Regular Expression Denial of Service (ReDoS) in braces

BDU:2021-02845

CVSS3: 5.3

fstec

почти 8 лет назад

Уязвимость пакета Braces пакетного менеджера NPM, позволяющая нарушителю вызвать отказ в обслуживании