3 matches found
Regular Expression Denial Of Service (ReDoS)
string-kit is vulnerable to regular expression denial of service attacks. The vulnerability exists via the module.exports function in naturalSort.js, which does not properly handle user-input data due to to inefficient regular expression complexity, allowing an attacker to cause an application...
CVE-2021-4299
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
CVE-2021-4299 cronvel string-kit naturalSort.js naturalSort redos
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...