CVE-2021-3765

Опубликовано: 02 нояб. 2021

Источник: redhat

CVSS3: 7.5

EPSS Низкий

Описание

validator.js is vulnerable to Inefficient Regular Expression Complexity

A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.

Затронутые пакеты

Платформа	Пакет	Состояние
Migration Toolkit for Virtualization	migration-toolkit-virtualization/mtv-ui-rhel8	Fix deferred
Red Hat Advanced Cluster Management for Kubernetes 2	rhacm2/console-rhel8	Not affected
Red Hat Advanced Cluster Management for Kubernetes 2	rhacm2/grc-ui-rhel8	Will not fix
Red Hat Decision Manager 7	validator	Out of support scope
Red Hat Enterprise Linux 8	pcs	Not affected
Red Hat OpenShift Container Platform 4	openshift4/ose-console	Will not fix
Red Hat Openshift Container Storage 4	ocs4/mcg-core-rhel8	Affected
Red Hat Openshift Data Foundation 4	noobaa-core-container	Affected
Red Hat Openshift Data Foundation 4	odf4/odf-console-rhel9	Affected
Red Hat Openshift Data Foundation 4	odf4/odf-multicluster-console-rhel8	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-1333

https://bugzilla.redhat.com/show_bug.cgi?id=2126299validator: Inefficient Regular Expression Complexity in Validator.js

EPSS

Процентиль: 13%

0.00044

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-3765

CVSS3: 7.5

ubuntu

больше 4 лет назад

validator.js is vulnerable to Inefficient Regular Expression Complexity

CVE-2021-3765

CVSS3: 7.5

nvd

больше 4 лет назад

validator.js is vulnerable to Inefficient Regular Expression Complexity

CVE-2021-3765

CVSS3: 7.5

debian

больше 4 лет назад

validator.js is vulnerable to Inefficient Regular Expression Complexit ...

GHSA-qgmg-gppg-76g5

CVSS3: 5.3

github

больше 4 лет назад

Inefficient Regular Expression Complexity in validator.js

EPSS

Процентиль: 13%

0.00044

Низкий

7.5 High

CVSS3