Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Regular Expression Denial of Service (ReDoS)
Vulnerability Description
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
N/A
Vulnerability Title
npm path-parse 安全漏洞
Vulnerability Description
npm path-parse是美国npm公司的一个应用插件。提供一个路径解析功能。 path-parse 存在安全漏洞,该漏洞源于受到通过splitDeviceRe、splitTailRe和splitPathRe正则表达式的正则表达式拒绝服务(ReDoS)的攻击。
CVSS Information
N/A
Vulnerability Type
N/A