4 matches found
CVE-2020-7661
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service...
Regular Expression Denial of Service
Overview All versions of url-regex are vulnerable to a Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service. Recommendation There are no patches and the software is not currently maintained. The security researcher who found t...
CVE-2020-7661
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service...
CVE-2020-7661
CVE-2020-7661 affects the url-regex package (and related urlregex) with a Regular Expression Denial of Service caused by catastrophic backtracking when testing very long strings in String.test. Affected: url-regex/url-regex-based packages (Node.js/npm ecosystem) with versions prior to the fix. Im...