CVE-2021-23341

Опубликовано: 18 фев. 2021

Источник: debian

EPSS Низкий

Описание

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
node-prismjs	fixed	1.23.0+dfsg-1		package

Примечания

https://github.com/PrismJS/prism/commit/c2f6a64426f44497a675cb32dccb079b3eff1609 (v1.23.0)
https://github.com/PrismJS/prism/pull/2584
https://github.com/PrismJS/prism/issues/2583

EPSS

Процентиль: 82%

0.01762

Низкий

Связанные уязвимости

CVE-2021-23341

CVSS3: 7.5

ubuntu

почти 5 лет назад

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.

CVE-2021-23341

CVSS3: 7.5

redhat

почти 5 лет назад

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.

CVE-2021-23341

CVSS3: 7.5

nvd

почти 5 лет назад

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.

GHSA-h4hr-7fg3-h35w

github

почти 5 лет назад

Denial of service in prismjs

EPSS

Процентиль: 82%

0.01762

Низкий