Description

nodejs-tmpl is vulnerable to Inefficient Regular Expression Complexity

Remediation

References

https://github.com/daaku/nodejs-tmpl/commit/4c654e4d1542f329ed561fd95ccd80f30c6872d6

https://huntr.dev/bounties/a07b547a-f457-41c9-9d89-ee48bee8a4df

Related Vulnerabilities

CVE-2020-28501 Vulnerability in npm package es6-crawler-detect

CVE-2021-23358 Vulnerability in npm package underscore

CVE-2020-26289 Vulnerability in maven package org.webjars.npm:date-and-time

CVE-2016-2510 Vulnerability in maven package org.beanshell:bsh

CVE-2019-3773 Vulnerability in maven package org.springframework.ws:spring-ws-core

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Patch Third Party Advisory Exploit Issue Tracking NVD-CWE-Other