This repository has been archived by the owner on Jun 2, 2023. It is now read-only.
Cx8bc4df28-fcf5 @ Npm-debug-4.3.2 #7
Labels
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Vulnerable Package issue exists @ Npm-debug-4.3.2 in branch main
In NPM
debug, theenablefunction accepts a regular expression from user input without escaping it. Arbitrary regular expressions could be injected to cause a Denial of Service attack on the user's browser, otherwise known as a ReDoS (Regular Expression Denial of Service). This is a different issue than CVE-2017-16137.Namespace: yangricardo
Repository: nextjs-tailwind-reacthook-form-ant-design-template
Repository Url: https://github.com/yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST-Project: yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST platform scan: 1c12eb90-4f8a-4eb7-a810-acf7fa5369de
Branch: main
Application: nextjs-tailwind-reacthook-form-ant-design-template
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-1333
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 4.3.3
References
Issue
Other
POC/Exploit
The text was updated successfully, but these errors were encountered: