Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-XR9W-X6GW-C9MJ
HistoryFeb 25, 2023 - 6:30 a.m.

Deno vulnerable to Regular Expression Denial of Service

2023-02-2506:30:21
Google
osv.dev
6
JSON

Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server. This issue has been patched in version 1.31.0.

CPENameOperatorVersion
denolt1.31.0

Related

prion 1
osv 2
cve 1
github 1
wallarmlab 1
prion
prion
Design/Logic Flaw
2023-02-25 05:15:00
osv
osv
CVE-2023-26103
2023-02-25 05:15:12
Regular Expression Denial of Service in Deno.upgradeWebSocket API
2023-04-03 17:18:51
cve
cve
CVE-2023-26103
2023-02-25 05:15:12
github
github
Regular Expression Denial of Service in Deno.upgradeWebSocket API
2023-04-03 17:18:51
wallarmlab
wallarmlab
ChatGPT: Friend or Foe? | API Security Newsletter
2023-05-16 13:58:20
JSON
Related for OSV:GHSA-XR9W-X6GW-C9MJ
prion1osv2cve1github1wallarmlab1