VDB
GHSA-H6CH-V84P-W6P9
GHSA-H6CH-V84P-W6P9
PUBLISHED
CVSS 8.699999809265137 HIGH
Regular Expression Denial of Service (ReDoS)
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | diff | 0, 0, 0 |
Timeline
- Jun 13, 2019 CVE Published
- Feb 24, 2021 CVE Updated
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1552148 web
- https://snyk.io/vuln/npm:diff:20180305 web
- https://www.npmjs.com/advisories/1631 web
- https://www.whitesourcesoftware.com/vulnerability-database/WS-2018-0590 web
- https://github.com/kpdecker/jsdiff/commit/2aec4298639bf30fb88a00b356bf404d3551b8c0 fix
- GitHub Advisory GHSA-h6ch-v84p-w6p9 vendor-advisory