Lucene search
SnykCVELIST:CVE-2021-23341HistoryFeb 18, 2021 - 4:00 p.m.
CVE-2021-23341 Regular Expression Denial of Service (ReDoS)
2021-02-1816:00:29
snyk
www.cve.org
1
cve-2021-23341
redos
prismjs package
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.007
Percentile
79.6%
The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.
CNA Affected
[
{
"product": "prismjs",
"vendor": "n/a",
"versions": [
{
"lessThan": "1.23.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-23341
2021-02-18 16:15:14
nodejs
nodejs
Regular Expression Denial of Service
2021-03-01 19:55:37
prion
prion
Design/Logic Flaw
2021-02-18 16:15:00
ubuntucve
ubuntucve
CVE-2021-23341
2021-02-18 00:00:00
debiancve
debiancve
CVE-2021-23341
2021-02-18 16:15:14
redhatcve
redhatcve
CVE-2021-23341
2021-02-18 21:27:55
osv
osv
Denial of service in prismjs
2021-03-01 19:52:33
CVE-2021-23341
2021-02-18 16:15:14
github
github
Denial of service in prismjs
2021-03-01 19:52:33
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-02-19 02:11:42
cve
cve
CVE-2021-23341
2021-02-18 16:15:14
ibm
ibm
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.007
Percentile
79.6%
Related for CVELIST:CVE-2021-23341