Lucene search
K

4 matches found

OSV
OSV
added 2020/04/03 9:48 p.m.1 views

GHSA-6CHW-6FRG-F759 Regular Expression Denial of Service in Acorn

Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /x-\ud800/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application processes...

7.5CVSS5.9AI score
Exploits0References4
vulnersOsv
vulnersOsv
added 2020/04/03 9:48 p.m.4 views

@21epub/resource-lib (>=1.0.0 <=1.0.3), @alex_xu/xdb (=0.1.0-snapshot.41) +260 more potentially affected by unknown CVE via acorn (>=6.0.0 <=6.4.0)

acorn NPM version =6.0.0, =1.0.0, =2018.10.14-0, =2018.10.14-0, =0.8.0, =4.0.0-alpha.0, =4.0.0, =0.0.1, =0.1.0, =1.0.0, =3.0.0, =12.1.0, =0.1.6, =1.0.0, =1.1.8 and more Source cves: unknown CVE Source advisory: OSV:GHSA-6CHW-6FRG-F759...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/03 9:48 p.m.4 views

@adhd/reverse (>=0.0.1 <=0.1.7), @ambroseus/tsdx (>=0.12.4 <=0.12.5) +64 more potentially affected by unknown CVE via acorn (>=7.0.0 <=7.1.0)

acorn NPM version =7.0.0, =0.0.1, =0.12.4, =0.12.2, =3.4.1, =0.0.1-alpha.1, =0.0.0, =0.0.0, =0.0.0, =0.1.1, =0.2.0, =0.0.1, =1.0.44, =1.0.4, =1.1.8-7, =1.0.4, =1.0.7 and more Source cves: unknown CVE Source advisory: OSV:GHSA-6CHW-6FRG-F759...

5.8AI score
Exploits0
Node.js
Node.js
added 2020/03/02 7:21 p.m.19 views

Regular Expression Denial of Service

Overview Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /x-\ud800/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder