GHSA-xm28-fw2x-fqv2

Опубликовано: 31 мая 2019

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Denial of Service in foreman

All versions of foreman are vulnerable to Regular Expression Denial of Service when requests to it are made with a specially crafted path.

Upgrade to version 3.0.1.

Наименование

foreman

npm

Затронутые версииВерсия исправления

< 3.0.1

3.0.1

7.5 High

CVSS3

CWE-400

7.5 High

CVSS3

CWE-400