PT-2024-28409 · Async · Async

Name of the Vulnerable Software and Affected Versions: Async versions 2.6.4 and earlier, Async versions 3.2.5 and earlier Description: The issue concerns a ReDoS Regular Expression Denial of Service vulnerability while parsing a function in the autoinject function. It is noted that the supplier...

CVE-2024-39249

Async = 2.6.4 and = 3.2.5 are vulnerable to ReDoS Regular Expression Denial of Service while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input...