Regular Expression Denial Of Service (ReDoS)

2021-02-2204:05:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

55.4%

JSON

@progfay/scrapbox-parser is vulnerable to Regular Expression Denial Of Service. An insecure regex allows an attacker to crash the application via a malicious URL.

CPENameOperatorVersion
@progfay/scrapbox-parserle6.0.2

CPE	Name	Operator	Version
	@progfay/scrapbox-parser	le	6.0.2

References

github.com/advisories/GHSA-9fhw-r42p-5c7r

github.com/progfay/scrapbox-parser/pull/519

github.com/progfay/scrapbox-parser/pull/539

github.com/progfay/scrapbox-parser/pull/540

security.netapp.com/advisory/ntap-20210326-0002/

www.npmjs.com/advisories/1641

0.002 Low

EPSS

Percentile

55.4%

JSON

Related for VERACODE:29451