Lucene search
PRIOn knowledge basePRION:CVE-2022-25918HistoryOct 27, 2022 - 10:15 a.m.
Code injection
2022-10-2710:15:00
PRIOn knowledge base
www.prio-n.com
5
code injection
vulnerability
shescape package
regular expression denial of service
redos
escape function
index.js
insecure regex
escapeargbash function
nvd
0.002 Low
EPSS
Percentile
59.0%
The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.
Related
nvd
nvd
CVE-2022-25918
2022-10-27 10:15:10
cvelist
cvelist
CVE-2022-25918 Regular Expression Denial of Service (ReDoS)
2022-10-27 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-10-28 05:35:07
cve
cve
CVE-2022-25918
2022-10-27 10:15:10
github
github
Inefficient Regular Expression Complexity in shescape
2022-10-25 22:27:32
osv
osv
CVE-2022-25918
2022-10-27 10:15:10
Inefficient Regular Expression Complexity in shescape
2022-10-25 22:27:32