3 matches found
@achannarasappa/locust-cli (>=0.1.0 <=0.3.0), @achannarasappa/locust-cli-dashboard (=0.1.0) +349 more potentially affected by CVE-2021-4299 via string-kit (>=0.0.14 <=0.11.10)
string-kit NPM version =0.0.14, =0.1.0, =1.0.0, =0.1.0, =1.0.0-M.5a, =1.0.0, =0.0.3, =0.100.1-canary.31, =1.0.0, =1.0.3, =0.2.0, =0.11.0, =0.1.5, =0.1.1, =0.1.2 and more Source cves: CVE-2021-4299 Source advisory: OSV:GHSA-PFRM-4RJW-G9Q5...
CVE-2021-4299
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
CVE-2021-4299
The CVE-2021-4299 issue affects cronvel string-kit up to v0.12.7, specifically the naturalSort function in lib/naturalSort.js. The vulnerability stems from inefficient regular-expression complexity, enabling a remote attacker to cause performance-based impact (DoS). Upgrading to v0.12.8 mitigates...