Уязвимость CVE-2020-7760

Пакет	Статус	Версия исправления	Релиз	Тип
codemirror-js	fixed	5.58.2+~cs0.23.101-1		package
codemirror-js	not-affected		stretch	package

CVE-2020-7760

CVSS3: 5.3

ubuntu

больше 5 лет назад

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s|/*.*?*/)*

CVE-2020-7760

CVSS3: 7.5

redhat

больше 5 лет назад

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s|/*.*?*/)*

CVE-2020-7760

CVSS3: 5.3

nvd

больше 5 лет назад

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s|/*.*?*/)*

GHSA-4gw3-8f77-f72c

CVSS3: 5.3

github

больше 4 лет назад

Regular expression denial of service in codemirror

BDU:2021-01732

CVSS3: 5.3

fstec

больше 5 лет назад

Уязвимость текстового редактора CodeMirror, связанная с ошибкой механизма контроля расходуемых ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

exploitDog

CVE-2020-7760

Описание

Пакеты

Примечания

Связанные уязвимости