CVE-2020-7661

CVE-2020-7661

EPSS 2.7%

all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service.

Productos afectados

n/a · url-regex

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/kevva/url-regex/issues/70 https://snyk.io/vuln/SNYK-JS-URLREGEX-569472