Description
CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.3.1
References
Related Issues
- Knwl.js Regular Expression Denial of Service vulnerability - CVE-2020-26306
- useragent Regular Expression Denial of Service vulnerability - CVE-2020-26311
- Foundation Regular Expression Denial of Service vulnerability - CVE-2020-26304
- ua-parser-js Regular Expression Denial of Service vulnerability - CVE-2020-7793
- Tags:
- npm
- commonregex
Anything's wrong? Let us know Last updated on November 13, 2024