Uncontrolled Resource Consumption in locutus

🗓️ 10 Jun 2021 17:05:25Reported by GitHub Advisory DatabaseType

Uncontrolled Resource Consumption in locutus via gopher_parsedir functio

Reporter	Title	Published	Views	Family All 8
CVE	CVE-2021-23392	8 Jun 202108:15	–	cve
NVD	CVE-2021-23392	8 Jun 202108:15	–	nvd
Veracode	Regular Expression Denial Of Service (ReDoS)	9 Jun 202104:46	–	veracode
Cvelist	CVE-2021-23392 Regular Expression Denial of Service (ReDoS)	8 Jun 202107:45	–	cvelist
OSV	Uncontrolled Resource Consumption in locutus	10 Jun 202117:25	–	osv
OSV	CVE-2021-23392	8 Jun 202108:15	–	osv
Node.js	Uncontrolled Resource Consumption in locutus	10 Jun 202117:26	–	nodejs
Prion	Design/Logic Flaw	8 Jun 202108:15	–	prion

Vulners

Node

locutus locutusRange<2.0.15

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-23392
github	www.github.com/locutusjs/locutus/pull/446
github	www.github.com/locutusjs/locutus/commit/eb863321990e7e5514aa14f68b8d9978ece9e65e
snyk	www.snyk.io/vuln/SNYK-JS-LOCUTUS-1090597
github	www.github.com/advisories/GHSA-39q4-p535-c852

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jun 2021 17:25Current

7.3High risk

Vulners AI Score7.3

CVSS25

CVSS35.3 - 7.5

EPSS0.00204

CWE-400