Описание
Regular Expression Denial of Service in ssri
Version of ssri prior to 5.2.2 are vulnerable to regular expression denial of service (ReDoS) when using strict mode.
Recommendation
Update to version 5.2.2 or later.
Пакеты
Наименование
ssri
npm
Затронутые версииВерсия исправления
< 5.2.2
5.2.2
Связанные уязвимости
CVSS3: 5.9
ubuntu
почти 8 лет назад
index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.
CVSS3: 5.9
nvd
почти 8 лет назад
index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.
CVSS3: 5.9
debian
почти 8 лет назад
index.js in the ssri module before 5.2.2 for Node.js is prone to a reg ...