CVE-2017-18077

Опубликовано: 27 янв. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 7.5

Описание

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.

Релиз	Статус	Примечание
artful	not-affected	1.1.8-1
devel	not-affected
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	1.1.8-1
xenial	DNE

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2017-18077

CVSS3: 5.3

redhat

почти 9 лет назад

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.

CVE-2017-18077

CVSS3: 7.5

nvd

около 8 лет назад

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.

CVE-2017-18077

CVSS3: 7.5

debian

около 8 лет назад

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expr ...

GHSA-832h-xg76-4gv6

CVSS3: 7.5

github

около 8 лет назад

ReDoS in brace-expansion

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2017-18077

Описание

Пакет node-brace-expansion

Ссылки на источники

Связанные уязвимости