Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-vqc4-v8hc-h2jg: Polynomial regular expression used on uncontrolled data in nitrado.js

Impact

Possible ReDoS with lib input of {{ and with many repetitions of {{|.

Patches

Patched in all versions above 0.2.5

Workarounds

No known work arounds.

References

ghsa
#dos#js#git#php#pdf

Polynomial regular expression used on uncontrolled data in nitrado.js

High severity GitHub Reviewed Published Aug 31, 2022 in cainthebest/nitrado.js • Updated Aug 31, 2022

Related news

CVE-2022-36034: nitrado.js/CHANGELOG.md at v0.2.5 · cainthebest/nitrado.js

nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of `{{` and with many repetitions of `{{|`. This issue has been patched in all versions above `0.2.5`. There are currently no known workarounds.

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP