Lucene search
Veracode Vulnerability DatabaseVERACODE:28509HistoryDec 09, 2020 - 3:32 a.m.
Regular Expression Denial Of Service (ReDoS)
2020-12-0903:32:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
fast-csv
vulnerability
redos
ignoreempty
parsing
EPSS
0.008
Percentile
81.8%
fast-csv is vulnerable to regular expression denial of service (ReDoS). The vulnerability exists through the usage of the ignoreEmpty option when parsing.
References
github.com/C2FO/fast-csv/commit/4bbd39f26a8cd7382151ab4f5fb102234b2f829e
github.com/C2FO/fast-csv/issues/540
github.com/C2FO/fast-csv/security/advisories/GHSA-8cv5-p934-3hwp
lgtm.com/query/8609731774537641779/
www.npmjs.com/advisories/1587
www.npmjs.com/advisories/1588
www.npmjs.com/package/@fast-csv/parse
www.npmjs.com/package/fast-csv
Related
osv
osv
Denial of service in fast-csv
2020-12-08 21:42:53
CVE-2020-26256
2020-12-08 22:15:17
nvd
nvd
CVE-2020-26256
2020-12-08 22:15:17
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in C2Fo Fast-Csv
2020-12-09 18:46:54
cvelist
cvelist
CVE-2020-26256 Denial of service in fast-csv
2020-12-08 21:45:19
nodejs
nodejs
Regular Expression Denial of Service
2020-12-08 21:50:38
Regular Expression Denial of Service
2020-12-08 21:52:33
ibm
ibm
prion
prion
Code injection
2020-12-08 22:15:00
cve
cve
CVE-2020-26256
2020-12-08 22:15:17
github
github
Denial of service in fast-csv
2020-12-08 21:42:53