GHSA-qv66-f876-vjvr

Опубликовано: 11 янв. 2023

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

skeemas Inefficient Regular Expression Complexity vulnerability

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The name of the patch is 65e94eda62dc8dc148ab3e59aa2ccc086ac448fd. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218003.

Ссылки

Пакеты

Наименование

skeemas

npm

Затронутые версииВерсия исправления

< 1.2.5

1.2.5

EPSS

Процентиль: 63%

0.00453

Низкий

7.5 High

CVSS3

CVE ID

CVE-2018-25074

Дефекты

CWE-1333

Связанные уязвимости

CVE-2018-25074

CVSS3: 3.5

nvd

около 3 лет назад

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The patch is named 65e94eda62dc8dc148ab3e59aa2ccc086ac448fd. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218003.

EPSS

Процентиль: 63%

0.00453

Низкий

7.5 High

CVSS3

CVE ID

CVE-2018-25074

Дефекты

CWE-1333