Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fp36-299x-pwmw: Regular expression denial of service in devcert

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

ghsa
Open in Source
#dos#nodejs#git
  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2022-1929

Regular expression denial of service in devcert

Low severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

Package

npm devcert (npm )

Affected versions

< 1.2.1

Description

Related news

CVE-2022-1929: devcert ReDoS | XRAY-211352

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution
ghsa