Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ssri 安全漏洞
Vulnerability Description
nlf ssri是 (nlf)开源的一个应用软件。提供Standard Subresource Integrity(标准子资源完整性)的缩写,是一个Node.js实用程序,用于解析,操作,序列化,生成和验证Subresource Integrity哈希值。 ssri 5.2.2-8.0.0 存在安全漏洞,该漏洞源于使用正则表达式处理SRIs,该正则表达式容易被拒绝服务。恶意的SRIs可能需要非常长的时间来处理,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A