CVE-2018-1109

EPSS 1.4%CWE-185

A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

Productos afectados

n/a · nodejs-braces

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.redhat.com/show_bug.cgi?id=1547272 https://snyk.io/vuln/npm:braces:20180219