Description
protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files.
Remediation
References
https://hackerone.com/reports/319576
Related Vulnerabilities
CVE-2021-25915 Vulnerability in npm package changeset
CVE-2022-25940 Vulnerability in npm package lite-server
CVE-2023-25572 Vulnerability in maven package org.webjars.npm:react-admin
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-logparser
CVE-2022-35980 Vulnerability in maven package org.opensearch.plugin:opensearch-security