mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 11:57:37 +02:00
0xMarcio
1.0 KiB
1.0 KiB
CVE-2022-25883
&color=brighgreen)
Description
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
POC
Reference
Github
- https://github.com/bottledlactose/dungoid
- https://github.com/bottledlactose/isditeengrap.nl
- https://github.com/dellalibera/dellalibera
- https://github.com/mathworks/MATLAB-language-server
- https://github.com/seal-community/cli
- https://github.com/seal-community/patches
- https://github.com/tmalbonph/grunt-swagger-tools
- https://github.com/trong0dn/eth-todo-list