Описание
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
Ссылки
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitThird Party Advisory
- Product
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitThird Party Advisory
- Product
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expre ...
Уязвимость библиотеки ssri прикладного программного обеспечения Аврора Центр, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3
4.3 Medium
CVSS2