Description
CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.3.1
References
Related Issues
- Server secret was included in static assets and served to clients - Vulnerability
- @sveltejs/kit has unescaped error message included on error page - CVE-2024-53262
- Undici vulnerable to data leak when using response.arrayBuffer() - CVE-2024-38372
- Default swagger-ui configuration exposes all files in the module - CVE-2024-22207
- Tags:
- npm
- commonregex
Anything's wrong? Let us know Last updated on November 13, 2024