Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denosaurs emoji has ReDoS vulnerability in `replace` function
Vulnerability Description
The Denosaurs emoji package provides emojis for dinosaurs. Starting in version 0.1.0 and prior to version 0.3.0, the reTrimSpace regex has 2nd degree polynomial inefficiency, leading to a delayed response given a big payload. The issue has been patched in 0.3.0. As a workaround, avoid using the `replace`, `unemojify`, or `strip` functions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
CWE-1333
Vulnerability Title
emoji 安全漏洞
Vulnerability Description
emoji是Denosaurs团队的一个支持node.js项目的简单表情符号。 Denosaurs emoji 0.1.0版本至0.3.0之前版本存在安全漏洞,该漏洞源于正则表达式二阶多项式效率低,导致在给定大负载时响应延迟。
CVSS Information
N/A
Vulnerability Type
N/A