Lucene search
AnonymousNODEJS:1641HistoryMar 01, 2021 - 8:54 p.m.
Regular Expression Denial of Service
2021-03-0120:54:05
Anonymous
www.npmjs.com
41
0.002 Low
EPSS
Percentile
55.4%
Overview
Impact
@progfay/scrapbox-parser before 6.0.3 and 7.0.2 are vulnerable to Regular Expression Denial of Service (ReDoS) in DecorationNode, StrongNode and ExternalLinkNode.
An attacker may be able to craft text which causes the application to consume an excessive amount of CPU.
Recommendation
Upgrade to version 6.0.3, or 7.0.2, or later
References
| CPE | Name | Operator | Version |
|---|---|---|---|
| @progfay/scrapbox-parser | lt | 6.0.3||>=7.0.0 <7.0.2 |
Related
github
github
Regular expression Denial of Service in @progfay/scrapbox-parser
2021-03-01 20:44:44
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-02-22 04:05:27
osv
osv
Regular expression Denial of Service in @progfay/scrapbox-parser
2021-03-01 20:44:44
nvd
nvd
CVE-2021-27405
2021-02-19 05:15:19
prion
prion
Design/Logic Flaw
2021-02-19 05:15:00
cve
cve
CVE-2021-27405
2021-02-19 05:15:19
cvelist
cvelist
CVE-2021-27405
2021-02-19 04:03:48