Описание
A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. The name of the patch is c03827cd2f9933619c23894ce7c98401ea824020. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217448.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2021-02-07 (исключая)
cpe:2.3:a:bridgeline:robots-txt-guard:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00492
Низкий
3.5 Low
CVSS3
7.5 High
CVSS3
2.3 Low
CVSS2
Дефекты
CWE-1333
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
EPSS
Процентиль: 65%
0.00492
Низкий
3.5 Low
CVSS3
7.5 High
CVSS3
2.3 Low
CVSS2
Дефекты
CWE-1333