Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nescalante urlregex Backtracking index.js redos
Vulnerability Description
A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This issue affects some unknown processing of the file index.js of the component Backtracking. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.5.1 is able to address this issue. The identifier of the patch is e5a085afe6abfaea1d1a78f54c45af9ef43ca1f9. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
CWE-1333
Vulnerability Title
urlregex 安全漏洞
Vulnerability Description
urlregex是Nicolas Escalante个人开发者的一个节点和浏览器的 URL 验证。 urlregex 0.5.0版本及之前版本存在安全漏洞,该漏洞源于执行错误操作会导致正则表达式复杂度低下。
CVSS Information
N/A
Vulnerability Type
N/A