CVE-2020-7661

Sažetak

all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service.

Reference

https://github.com/kevva/url-regex/issues/70
https://snyk.io/vuln/SNYK-JS-URLREGEX-569472

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

10-06-2020 - 15:26

Objavljeno

04-06-2020 - 18:15