Lucene search

CVE-2021-4299

🗓️ 02 Jan 2023 08:10:15Reported by [email protected]Type

A problematic vulnerability (CVE-2021-4299) in cronvel string-kit up to 0.12.7 allows remote attackers to initiate an attack via inefficient regex complexity in naturalSort function of lib/naturalSort.js, upgrade to 0.12.8 with patch identifier 9cac4c298ee92c1695b0695951f1488884a7ca73 recommende

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Prion	Design/Logic Flaw	2 Jan 202308:15	–	prion
OSV	CVE-2021-4299	2 Jan 202308:15	–	osv
OSV	GHSA-PFRM-4RJW-G9Q5 string-kit Inefficient Regular Expression Complexity vulnerability	2 Jan 202309:31	–	osv
Github Security Blog	string-kit Inefficient Regular Expression Complexity vulnerability	2 Jan 202309:31	–	github
Cvelist	CVE-2021-4299 cronvel string-kit naturalSort.js naturalSort redos	2 Jan 202307:57	–	cvelist
Veracode	Regular Expression Denial Of Service (ReDoS)	12 Jan 202304:43	–	veracode
CVE	CVE-2021-4299	2 Jan 202308:15	–	cve

Nvd

Node

string_kit_project string_kitRange<0.12.8node.js

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/cronvel/string-kit/releases/tag/v0.12.8
github	www.github.com/cronvel/string-kit/commit/9cac4c298ee92c1695b0695951f1488884a7ca73
vuldb	www.vuldb.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jan 2023 08:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS24

CVSS37.5

EPSS0.00052

CWE-1333