repo-git-downloader is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for match repository urls in the getOptions
function of option.js
, allowing an attacker to crash the application by downloading maliciously crafted git repositories.
CPE | Name | Operator | Version |
---|---|---|---|
repo-git-downloader | le | 0.1.1 | |
repo-git-downloader | le | 0.1.1 |