3 matches found
10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7065 more potentially affected by CVE-2017-16113 via parsejson (>=0.0.1 <=0.0.3)
parsejson NPM version =0.0.1, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =1.0.1, =2.16.1, =1.0.0-RC.1, =0.1.0, =1.0.1, =1.0.3 and more Source cves: CVE-2017-16113 Source advisory: OSV:GHSA-Q75G-2496-MXPP...
CVE-2017-16113
The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed...
CVE-2017-16113
CVE-2017-16113 affects the parsejson module, where a regular expression denial of service (ReDoS) can be triggered by untrusted input during JSON parsing. Affected details across sources consistently describe a ReDoS risk in parsejson, with CVSS v3.0 base score 7.5 (HIGH) and impact on availabili...