A new vulnerability was discovered: CVE-2021-23343

Question

A new vulnerability was discovered: CVE-2021-23343

Closed this issue 2 years ago · 0 comments

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.

Read more at Debricked: https://app.debricked.com/en/service/vulnerability/217918