exploitDog

GHSA-x6xm-h7hm-7p9q

Опубликовано: 01 июл. 2024

Источник: github

Github: Не прошло ревью

Описание

Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function.

Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function.

Ссылки

EPSS

Процентиль: 37%

0.00161

Низкий

CVE ID

Связанные уязвимости

CVE-2024-39249

CVSS3: 7.5

ubuntu

больше 1 года назад

Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input.

CVE-2024-39249

CVSS3: 5.3

redhat

больше 1 года назад

Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input.

CVE-2024-39249

CVSS3: 7.5

nvd

больше 1 года назад

Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input.

EPSS

Процентиль: 37%

0.00161

Низкий

CVE ID