Описание
Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by exploiting this vulnerability.
EPSS
Процентиль: 44%
0.00213
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333
CWE-770
Связанные уязвимости
CVSS3: 3.5
github
около 1 года назад
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
EPSS
Процентиль: 44%
0.00213
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333
CWE-770