3 matches found
word-wrap 安全漏洞
word-wrap is a library by Jon Schlinkert, an individual developer in the United States. It is used to wrap words to a specified length. A security vulnerability exists in word-wrap, which stems from the use of an insecure regular expression in the result variable...
PT-2023-4760
Name of the Vulnerable Software and Affected Versions word-wrap versions all Description The issue is related to the use of a regular expression with inefficient computational complexity in the word-wrap module of the Node.js platform. This can be exploited by a remote attacker to cause a denial ...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable. Note: The regex is vulnerable on its own, but the vulnerable function is not reachable as shipped in the package...