Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Zod jsVideoUrlParser util.js getTime redos
Vulnerability Description
A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
CWE-1333
Vulnerability Title
js-video-url-parser 安全漏洞
Vulnerability Description
js-video-url-parser是Julian Hangstörfer个人开发者的一个解析视频URL信息的JavaScript库。 js-video-url-parser 0.5.1及之前版本存在安全漏洞,该漏洞源于对lib/util.js库中getTime函数参数timestamp的操作,可能导致正则表达式复杂性低效,引发拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A