4 matches found
Regular Expression Denial of Service
Overview fast-csv and @fast-csv/parse before version 4.3.6 has a possible ReDoS vulnerability Regular Expression Denial of Service when using ignoreEmpty option when parsing. Impact You will only be affected by this if you use the ignoreEmpty parsing option. If you do use this option it is...
CVE-2020-26256 Denial of service in fast-csv
Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. In fast-cvs before version 4.3.6 there is a possible ReDoS vulnerability Regular Expression Denial of Service when using ignoreEmpty option when parsing. This has been patched in v4.3.6 You will...
CVE-2020-26256
CVE-2020-26256 affects the fast-csv family (fast-csv and @fast-csv/parse) prior to version 4.3.6. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by the EMPTY_ROW_REGEXP when parsing with the ignoreEmpty option. A remote attacker could trigger a denial of service; docum...
Denial of service in fast-csv
Impact Possible ReDoS Regular Expression Denial of Service when using ignoreEmpty option when parsing. Patches This has been patched in v4.3.6 Workarounds You will only be affected by this if you use the ignoreEmpty parsing option. If you do use this option it is recommended that you upgrade to t...