Описание
Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system resources.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 3:4.7.2-1 |
| esm-apps/jammy | not-affected | |
| esm-apps/noble | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 3:4.7.2-1 |
| groovy | not-affected | |
| hirsute | not-affected |
Показывать по
EPSS
7.8 High
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system resources.
Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system resources.
Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...
Regular Expression Denial of Service in Handlebars
EPSS
7.8 High
CVSS2
7.5 High
CVSS3