7 matches found
EUVD-2021-1960
Malware in sbrugna...
nodejs-trim-off-newlines: ReDoS via string processing
A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing. The highest threat from this vulnerability is to system availability...
Uncontrolled Resource Consumption in trim-off-newlines
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
CVE-2021-23425
CVE-2021-23425 affects the nodejs-trim-off-newlines package; all versions of trim-off-newlines are vulnerable to ReDoS via string processing. The issue is confirmed in multiple sources (NVD entry and Red Hat advisory RHSA-2022:4711) with an overall Medium impact (CVSS v3.1 base score 5.3; Availab...
CVE-2021-23425
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
stevemao trim-off-newlines 处理逻辑错误漏洞
trim-off-newlines is used by NPM to remove line breaks. A processing logic error vulnerability exists in stevemao trim-off-newlines that stems from the fact that all versions of trim-off-newlines are susceptible to a Regular Expression Denial of Service ReDoS attack via string processing...
Regular Expression Denial of Service (ReDoS)
Overview trim-off-newlines is a Similar to Stringtrim but removes only newlines Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via string processing. PoC const trim = require'trim-off-newlines'; for let i=10; i 25; i += 1 const s = 'a' + "rn".repeat...